
CVE-2025-48375 – Schule Missing Rate Limiting on OTP Email Requests – Susceptible to Abuse & DoS
https://notcve.org/view.php?id=CVE-2025-48375
23 May 2025 — This vulnerability can be exploited to send an excessive number of OTP emails, leading to potential denial-of-service (DoS) conditions or facilitating user harassment through email flooding. • https://github.com/schule111/Schule/security/advisories/GHSA-h3f2-mc85-67gc • CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2022-31812
https://notcve.org/view.php?id=CVE-2022-31812
23 May 2025 — Affected server applications contain an out of bounds read past the end of an allocated buffer while checking the integrity of incoming packets. This could allow an unauthenticated remote attacker to create a denial of service condition. • https://cert-portal.siemens.com/productcert/html/ssa-041082.html • CWE-125: Out-of-bounds Read •

CVE-2018-25110 – Regular Expression Denial of Service (ReDoS) in markedjs/marked
https://notcve.org/view.php?id=CVE-2018-25110
23 May 2025 — Marked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to catastrophic backtracking in several regular expressions used for parsing HTML tags and markdown links. An attacker can exploit this vulnerability by providing specially crafted markdown input, such as deeply nested or repetitively structured brackets or tag attributes, which cause the parser to hang and lead to a Denial of Service. • https://github.com/Checkmarx/Vulnerabilities-Proofs-of-Concept/tree/main/2018/CVE-2018-25110 • CWE-1333: Inefficient Regular Expression Complexity •

CVE-2024-7803 – Allocation of Resources Without Limits or Throttling in GitLab
https://notcve.org/view.php?id=CVE-2024-7803
23 May 2025 — A Discord webhook integration may cause DoS. • https://gitlab.com/gitlab-org/gitlab/-/issues/479168 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2025-47149
https://notcve.org/view.php?id=CVE-2025-47149
23 May 2025 — The optional feature 'Anti-Virus & Sandbox' of i-FILTER contains an issue with improper pattern file validation. ... If the product uses a specially crafted pattern file, information on the server where the product is running may be retrieved, and/or a denial of service (DoS) condition may be caused. • https://download.daj.co.jp/support/detail/?page=releasenote_content&division=6&id=1057 • CWE-348: Use of Less Trusted Source •

CVE-2025-48075 – Fiber panics when fiber.Ctx.BodyParser parses invalid range index
https://notcve.org/view.php?id=CVE-2025-48075
22 May 2025 — Starting in version 2.52.6 and prior to version 2.52.7, `fiber.Ctx.BodyParser` can map flat data to nested slices using `key[idx]value` syntax, but when idx is negative, it causes a panic instead of returning an error stating it cannot process the data. Since this data is user-provided, this could lead to denial of service for anyone relying on this `fiber.Ctx.BodyParser` functionality. • https://github.com/gofiber/fiber/commit/e115c08b8f059a4a031b492aa9eef0712411853d • CWE-129: Improper Validation of Array Index •

CVE-2025-0993 – Allocation of Resources Without Limits or Throttling in GitLab
https://notcve.org/view.php?id=CVE-2025-0993
22 May 2025 — This could allow an authenticated attacker to cause a denial of service condition by exhausting server resources. • https://gitlab.com/gitlab-org/gitlab/-/issues/516927 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2025-2853 – Allocation of Resources Without Limits or Throttling in GitLab
https://notcve.org/view.php?id=CVE-2025-2853
22 May 2025 — A lack of proper validation in GitLab could allow an authenticated user to cause a denial of service condition. • https://gitlab.com/gitlab-org/gitlab/-/issues/527218 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2025-3111 – Allocation of Resources Without Limits or Throttling in GitLab
https://notcve.org/view.php?id=CVE-2025-3111
22 May 2025 — A lack of input validation in the Kubernetes integration could allow an authenticated user to cause denial of service. • https://gitlab.com/gitlab-org/gitlab/-/issues/533313 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2025-47947 – ModSecurity Has Possible DoS Vulnerability
https://notcve.org/view.php?id=CVE-2025-47947
21 May 2025 — Versions up to and including 2.9.8 are vulnerable to denial of service in one special case (in stable released versions): when the payload's content type is `application/json`, and there is at least one rule which does a `sanitiseMatchedBytes` action. A patch is available at pull request 3389 and expected to be part of version 2.9.9. • https://github.com/owasp-modsecurity/ModSecurity/pull/3389 • CWE-1050: Excessive Platform Resource Consumption within a Loop •