CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-1975 – Improper Validation of Array Index in ollama/ollama
https://notcve.org/view.php?id=CVE-2025-1975
16 May 2025 — A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service (DoS) attack by customizing the manifest content and spoofing a service. • https://huntr.com/bounties/921ba5d4-f1d0-4c66-9764-4f72dffe7acd • CWE-129: Improper Validation of Array Index •
CVSS: 6.9EPSS: 0%CPEs: -EXPL: 1CVE-2025-4756 – D-Link DI-7003GV2 restart.asp denial of service
https://notcve.org/view.php?id=CVE-2025-4756
16 May 2025 — The manipulation leads to denial of service. ... Mit der Manipulation mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. • https://github.com/at0de/my_vulns/blob/main/Dlink/Di-7003GV2/restart.md • CWE-404: Improper Resource Shutdown or Release •
CVSS: 8.7EPSS: 0%CPEs: -EXPL: 1CVE-2025-4749 – D-Link DI-7003GV2 Factory Reset backup.asp sub_4983B0 denial of service
https://notcve.org/view.php?id=CVE-2025-4749
16 May 2025 — The manipulation leads to denial of service. ... Durch das Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. • https://github.com/at0de/my_vulns/blob/main/Dlink/Di-7003GV2/backup.md • CWE-404: Improper Resource Shutdown or Release •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-0921 – Information Tampering Vulnerability in Multi-agent Notification Feature of GENESIS64 and MC Works64
https://notcve.org/view.php?id=CVE-2025-0921
15 May 2025 — This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC. • https://jvn.jp/vu/JVNVU93838985 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-47287 – Tornado vulnerable to excessive logging caused by malformed multipart form data
https://notcve.org/view.php?id=CVE-2025-47287
15 May 2025 — This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous. • https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-26481
https://notcve.org/view.php?id=CVE-2025-26481
15 May 2025 — A remote unprivileged attacker could potentially exploit this vulnerability, leading to denial of service. • https://www.dell.com/support/kbdoc/en-us/000256645/dsa-2024-453-security-update-for-dell-powerscale-onefs-multiple-security-vulnerabilities • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2025-30476
https://notcve.org/view.php?id=CVE-2025-30476
15 May 2025 — An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service. • https://www.dell.com/support/kbdoc/en-us/000317889/dsa-2025-186-security-update-for-dell-powerscale-inightiq-multiple-security-vulnerabilities • CWE-400: Uncontrolled Resource Consumption •
CVSS: 3.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-47279 – undici Denial of Service attack via bad certificate data
https://notcve.org/view.php?id=CVE-2025-47279
15 May 2025 — Undici is an HTTP/1.1 client for Node.js. Prior to versions 5.29.0, 6.21.2, and 7.5.0, applications that use undici to implement a webhook-like system are vulnerable. If the attacker set up a server with an invalid certificate, and they can force the application to call the webhook repeatedly, then they can cause a memory leak. This has been patched in versions 5.29.0, 6.21.2, and 7.5.0. As a workaound, avoid calling a webhook repeatedly if the webhook fails. • https://github.com/nodejs/undici/security/advisories/GHSA-cxrh-j4jr-qwg3 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-2900 – IBM Semeru Runtime denial of service
https://notcve.org/view.php?id=CVE-2025-2900
14 May 2025 — IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation. • https://www.ibm.com/support/pages/node/7233415 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.7EPSS: 0%CPEs: -EXPL: 0CVE-2025-4637 – Divide By Zero in dlib
https://notcve.org/view.php?id=CVE-2025-4637
14 May 2025 — Divide By Zero vulnerability in davisking dlib allows remote attackers to cause a denial of service via a crafted file. .This issue affects dlib: before <19.24.7. • https://github.com/davisking/dlib/pull/3058 • CWE-369: Divide By Zero •