CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2958 – TRENDnet TEW-818DRU HTTP Request httpd denial of service
https://notcve.org/view.php?id=CVE-2025-2958
30 Mar 2025 — Affected by this vulnerability is an unknown functionality of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to denial of service. ... Mittels Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. • https://vuldb.com/?id.302011 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 4.8EPSS: 0%CPEs: -EXPL: 1CVE-2025-2953 – PyTorch torch.mkldnn_max_pool2d denial of service
https://notcve.org/view.php?id=CVE-2025-2953
30 Mar 2025 — The manipulation leads to denial of service. ... Dank Manipulation mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. • https://github.com/pytorch/pytorch/issues/149274 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27932
https://notcve.org/view.php?id=CVE-2025-27932
28 Mar 2025 — Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file deletion process of the USB storage file-sharing function of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerability is exploited, an attacker may delete a file on the device or cause a denial of service (DoS) condition. • https://jvn.jp/en/jp/JVN04278547 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-38985
https://notcve.org/view.php?id=CVE-2024-38985
28 Mar 2025 — This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. • https://gist.github.com/mestrtee/32c0a48023036e51918f6a098f21953d • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-38988
https://notcve.org/view.php?id=CVE-2024-38988
28 Mar 2025 — This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. • https://gist.github.com/mestrtee/4c5dfb66bea377889c44dd6c8af28713 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-57083
https://notcve.org/view.php?id=CVE-2024-57083
28 Mar 2025 — A prototype pollution in the component Module.mergeObjects (redoc/bundles/redoc.lib.js:2) of redoc <= 2.2.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. • https://github.com/Redocly/redoc/issues/2499 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30358 – Mesop Class Pollution vulnerability leads to DoS and Jailbreak attacks
https://notcve.org/view.php?id=CVE-2025-30358
27 Mar 2025 — This vulnerability could directly lead to a denial of service (DoS) attack against the server. ... Just like the Javascript's prototype pollution, this vulnerability could leave a way for attackers to manipulate the intended data-flow or control-flow of the application at runtime and lead to severe consequences like remote code execution when gadgets are available. • https://github.com/mesop-dev/mesop/commit/748e20d4a363d89b841d62213f5b0c6b4bed788f • CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-30355 – Synapse vulnerable to federation denial of service via malformed events
https://notcve.org/view.php?id=CVE-2025-30355
27 Mar 2025 — Synapse is an open source Matrix homeserver implementation. A malicious server can craft events which, when received, prevent Synapse version up to 1.127.0 from federating with other servers. The vulnerability has been exploited in the wild and has been fixed in Synapse v1.127.1. No known workarounds are available. • https://github.com/ui-bootstrap/CVE-2025-30355 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-26265
https://notcve.org/view.php?id=CVE-2025-26265
27 Mar 2025 — A segmentation fault in openairinterface5g v2.1.0 allows attackers to cause a Denial of Service (DoS) via a crafted UE Context Modification response. • https://anonymous.4open.science/r/Mobicom-ARCANE-36B7/README.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-29072
https://notcve.org/view.php?id=CVE-2025-29072
27 Mar 2025 — This results in a denial-of-service condition for affected Starknet full-node implementations. • https://community.starknet.io/t/starknet-security-update-potential-full-node-vulnerability-recap/115314 • CWE-190: Integer Overflow or Wraparound •