CVSS: 7.5EPSS: %CPEs: 5EXPL: 0CVE-2025-20139
https://notcve.org/view.php?id=CVE-2025-20139
02 Apr 2025 — A vulnerability in chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input to chat entry points. ... A successful exploit could allow the attacker to cause the application to stop responding, resulting in a DoS condition. The application may not recover on its... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-dos-tC6m9GZ8 • CWE-185: Incorrect Regular Expression •
CVSS: 7.7EPSS: %CPEs: 14EXPL: 0CVE-2025-20212
https://notcve.org/view.php?id=CVE-2025-20212
02 Apr 2025 — A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series devices could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the Cisco AnyConnect service on an affected device. ... A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN sessions and forcing remote users to initiat... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vNRpDvfb • CWE-457: Use of Uninitialized Variable •
CVSS: 6.5EPSS: %CPEs: 10EXPL: 0CVE-2024-50385
https://notcve.org/view.php?id=CVE-2024-50385
02 Apr 2025 — A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-2097 • CWE-459: Incomplete Cleanup •
CVSS: 6.5EPSS: %CPEs: 10EXPL: 0CVE-2024-50384
https://notcve.org/view.php?id=CVE-2024-50384
02 Apr 2025 — A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-2097 • CWE-459: Incomplete Cleanup •
CVSS: 4.3EPSS: %CPEs: 10EXPL: 0CVE-2024-50595
https://notcve.org/view.php?id=CVE-2024-50595
02 Apr 2025 — An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability.This vulnerability affects the NetX Duo Component HTTP Server implementation which can be found in x-cube-azrtos-f7\Middlewares\ST\netxduo\addons\http\nxd_http_server.c • https://talosintelligence.com/vulnerability_reports/TALOS-2024-2102 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 4.3EPSS: %CPEs: 10EXPL: 0CVE-2024-50594
https://notcve.org/view.php?id=CVE-2024-50594
02 Apr 2025 — An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability.This vulnerability affects the NetX Duo Web Component HTTP Server implementation which can be found in x-cube-azrtos-f7\Middlewares\ST\netxduo\addons\web\nx_web_http_server.c • https://talosintelligence.com/vulnerability_reports/TALOS-2024-2102 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 4.3EPSS: %CPEs: 10EXPL: 0CVE-2024-50597
https://notcve.org/view.php?id=CVE-2024-50597
02 Apr 2025 — An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-2103 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 4.3EPSS: %CPEs: 10EXPL: 0CVE-2024-50596
https://notcve.org/view.php?id=CVE-2024-50596
02 Apr 2025 — An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-2103 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.2EPSS: 0%CPEs: 7EXPL: 0CVE-2025-0415 – Command Injection in NTP Setting
https://notcve.org/view.php?id=CVE-2025-0415
02 Apr 2025 — Successful exploitation may result in the device entering an infinite reboot loop, leading to a total or partial denial of connectivity for downstream systems that rely on its network services. • https://www.moxa.com/en/support/product-support/security-advisory/mpsa-259491-cve-2025-0415-command-injection-leading-to-denial-of-service-(dos) • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-45700 – DoS vulnerability due to uncontrolled resource exhaustion
https://notcve.org/view.php?id=CVE-2024-45700
02 Apr 2025 — Zabbix server is vulnerable to a DoS vulnerability due to uncontrolled resource exhaustion. An attacker can send specially crafted requests to the server, which will cause the server to allocate an excessive amount of memory and perform CPU-intensive decompression operations, ultimately leading to a service crash. • https://support.zabbix.com/browse/ZBX-26253 • CWE-770: Allocation of Resources Without Limits or Throttling •