CVSS: 3.3EPSS: %CPEs: 1EXPL: 0CVE-2023-28902 – Denial of Service via integer underflow in picserver
https://notcve.org/view.php?id=CVE-2023-28902
28 Jun 2025 — An integer underflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause denial-of-service of the infotainment system. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. • https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 3.3EPSS: %CPEs: 1EXPL: 0CVE-2023-28903
https://notcve.org/view.php?id=CVE-2023-28903
28 Jun 2025 — An integer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause a denial-of-service of the infotainment system. • https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: %CPEs: 1EXPL: 0CVE-2023-28911 – Arbitrary Channel Disconnection Resulting in Denial of Service
https://notcve.org/view.php?id=CVE-2023-28911
28 Jun 2025 — An attacker can leverage this vulnerability to cause a denial-of-service attack for every connected client of the infotainment device. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. • https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: %CPEs: -EXPL: 0CVE-2025-1991 – IBM Informix Dynamic Server denial of service
https://notcve.org/view.php?id=CVE-2025-1991
28 Jun 2025 — IBM Informix Dynamic Server 12.10,14.10, and15.0 could allow a remote attacker to cause a denial of service due to an integer underflow when processing packets. • https://www.ibm.com/support/pages/node/7238455 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-44559
https://notcve.org/view.php?id=CVE-2025-44559
27 Jun 2025 — An issue in the Bluetooth Low Energy (BLE) stack of Realtek RTL8762E BLE SDK v1.4.0 allows attackers within Bluetooth range to cause a Denial of Service (DoS) via sending a specific sequence of crafted control packets. • http://realtek.com •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-45851
https://notcve.org/view.php?id=CVE-2025-45851
27 Jun 2025 — An issue in Hikvision DS-2CD1321-I V5.7.21 build 230819 allows attackers to cause a Denial of Service (DoS) via sending a crafted POST request to the endpoint /ISAPI/Security/challenge. • https://crashpark.weebly.com/blog/hikvision-ip-camera-unauthenticated-denial-of-service-dos •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-6710 – Pre-authentication Denial of Service Stack Overflow Vulnerability in JSON Parsing via Excessive Recursion in MongoDB
https://notcve.org/view.php?id=CVE-2025-6710
26 Jun 2025 — The same issue affects MongoDB Server v6.0 versions prior to 6.0.21, but an attacker can only induce denial of service after authenticating. • https://jira.mongodb.org/browse/SERVER-106749 • CWE-674: Uncontrolled Recursion •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-6709 – Pre-Authentication Denial of Service Vulnerability in MongoDB Server's OIDC Authentication
https://notcve.org/view.php?id=CVE-2025-6709
26 Jun 2025 — The MongoDB Server is susceptible to a denial of service vulnerability due to improper handling of specific date values in JSON input when using OIDC authentication. ... The same issue affects MongoDB Server v6.0 versions prior to 6.0.21, but an attacker can only induce denial of service after authenticating. • https://jira.mongodb.org/browse/SERVER-106748 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 1CVE-2025-3279 – Allocation of Resources Without Limits or Throttling in GitLab
https://notcve.org/view.php?id=CVE-2025-3279
26 Jun 2025 — An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated attackers to create a DoS condition by sending crafted GraphQL requests. • https://gitlab.com/gitlab-org/gitlab/-/issues/534424 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-52894 – OpenBao Vulnerable to Unauthenticated Rekey Operation Cancellation
https://notcve.org/view.php?id=CVE-2025-52894
25 Jun 2025 — OpenBao before v2.3.0 allowed an attacker to perform unauthenticated, unaudited cancellation of root rekey and recovery rekey operations, effecting a denial of service. • https://github.com/openbao/openbao/commit/fe75468822a22a88318c6079425357a02ae5b77b • CWE-20: Improper Input Validation •