CVSS: 8.7EPSS: %CPEs: 1EXPL: 0CVE-2025-3857 – Infinite loop condition in Amazon.IonDotnet
https://notcve.org/view.php?id=CVE-2025-3857
21 Apr 2025 — If the Ion data is malformed or truncated, this triggers an infinite loop condition that could potentially result in a denial of service. • https://aws.amazon.com/security/security-bulletins/AWS-2025-009 • CWE-502: Deserialization of Untrusted Data CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 8.4EPSS: %CPEs: 4EXPL: 0CVE-2025-2298 – Authenticated API Endpoint Allows Arbitrary File Deletion in Dremio Software
https://notcve.org/view.php?id=CVE-2025-2298
21 Apr 2025 — Exploiting this flaw could lead to data loss, denial of service (DoS), and potential escalation of impact depending on the deleted files. • https://docs.dremio.com/current/reference/bulletins/2025-04-21-01 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-13926 – WP-Syntax <= 1.2 - Author+ Potential ReDoS
https://notcve.org/view.php?id=CVE-2024-13926
19 Apr 2025 — The WP-Syntax WordPress plugin through 1.2 does not properly handle input, allowing an attacker to create a post containing a large number of tags, thereby exploiting a catastrophic backtracking issue in the regular expression processing to cause a DoS. • https://wpscan.com/vulnerability/b5f0092e-7cd5-412f-a8ea-7bd4a8bf86d2 •
CVSS: 2.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26819
https://notcve.org/view.php?id=CVE-2023-26819
19 Apr 2025 — cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as {"a": true, "b": [ null,9999999999999999999999999999999999999999999999912345678901234567]}. • https://github.com/boofish/json_bugs/tree/main/cjson • CWE-440: Expected Behavior Violation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30158 – NamelessMC Forum iframe width/height abuse causing UI-based Denial of Service
https://notcve.org/view.php?id=CVE-2025-30158
18 Apr 2025 — This allows an authenticated attacker to perform a UI-based denial of service (DoS) by injecting oversized iframes that block the forum UI and disrupt normal user interactions. • https://github.com/NamelessMC/Nameless/security/advisories/GHSA-2prx-rgr7-hq5f • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29784 – NamelessMC Has Lack of Length Validation for s Parameter in GET Requests
https://notcve.org/view.php?id=CVE-2025-29784
18 Apr 2025 — This oversight can lead to performance degradation and potential denial-of-service (DoS) attacks. • https://github.com/NamelessMC/Nameless/security/advisories/GHSA-4hrq-rf96-c2jm • CWE-20: Improper Input Validation CWE-130: Improper Handling of Length Parameter Inconsistency CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 10.0EPSS: 0%CPEs: -EXPL: 0CVE-2025-42599
https://notcve.org/view.php?id=CVE-2025-42599
18 Apr 2025 — Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition. • https://www.qualitia.com/jp/news/2025/04/18_1030.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-57493
https://notcve.org/view.php?id=CVE-2024-57493
18 Apr 2025 — An issue in redoxOS relibc before commit 98aa4ea5 allows a local attacker to cause a denial of service via the setsockopt function. • https://gitlab.redox-os.org/redox-os/relibc/-/issues/201 •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-29625
https://notcve.org/view.php?id=CVE-2025-29625
18 Apr 2025 — A buffer overflow vulnerability in Astrolog v7.70 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via an overly long environment variable passed to FileOpen function. • https://github.com/CruiserOne/Astrolog/issues/25 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29931
https://notcve.org/view.php?id=CVE-2025-29931
17 Apr 2025 — This could allow an unauthenticated remote attacker to cause the application to allocate exhaustive amounts of memory and subsequently create a partial denial of service condition. • https://cert-portal.siemens.com/productcert/html/ssa-395348.html • CWE-130: Improper Handling of Length Parameter Inconsistency •