CVSS: 4.3 • EPSS: % • CPEs: 1 • EXPL: 0 • CVE-2025-68659 – Discourse has DoS vulnerability in username change endpoint
https://notcve.org/view.php?id=CVE-2025-68659
28 Jan 2026 — Versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0 have an application-level denial of service vulnerability in the username change functionality at try.discourse.org. • https://github.com/discourse/discourse/security/advisories/GHSA-rmp6-c9rq-6q7p • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.3 • EPSS: % • CPEs: 1 • EXPL: 0 • CVE-2026-24775 – OpenProject has Forced Actions, Content Spoofing, and Persistent DoS via ID Manipulation in OpenProject Blocknote Editor Extension
https://notcve.org/view.php?id=CVE-2026-24775
28 Jan 2026 — OpenProject is open-source, web-based project management software. In the new editor for collaborative documents based on BlockNote, OpenProject maintainers added a custom extension in OpenProject version 17.0.0 that allows mentioning OpenProject work packages in the document. To show work package details, the editor loads details about the work package via the OpenProject API. For this API call, the extension to the BlockNote editor did not properly validate the given work package ID to be only a number... • https://github.com/opf/op-blocknote-extensions/releases/tag/v0.0.22 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 5.5 • EPSS: % • CPEs: 2 • EXPL: 0 • CVE-2025-33237
https://notcve.org/view.php?id=CVE-2025-33237
28 Jan 2026 — A successful exploit of this vulnerability might lead to a denial of service. • https://nvd.nist.gov/vuln/detail/CVE-2025-33237 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8 • EPSS: % • CPEs: 15 • EXPL: 0 • CVE-2025-33220
https://notcve.org/view.php?id=CVE-2025-33220
28 Jan 2026 — A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure. • https://nvd.nist.gov/vuln/detail/CVE-2025-33220 • CWE-416: Use After Free •
CVSS: 7.8 • EPSS: % • CPEs: 20 • EXPL: 0 • CVE-2025-33219
https://notcve.org/view.php?id=CVE-2025-33219
28 Jan 2026 — A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure. • https://nvd.nist.gov/vuln/detail/CVE-2025-33219 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8 • EPSS: % • CPEs: 12 • EXPL: 0 • CVE-2025-33218
https://notcve.org/view.php?id=CVE-2025-33218
28 Jan 2026 — A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure. • https://nvd.nist.gov/vuln/detail/CVE-2025-33218 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8 • EPSS: % • CPEs: 9 • EXPL: 0 • CVE-2025-33217
https://notcve.org/view.php?id=CVE-2025-33217
28 Jan 2026 — A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. • https://nvd.nist.gov/vuln/detail/CVE-2025-33217 • CWE-416: Use After Free •
CVSS: 9.8 • EPSS: % • CPEs: 1 • EXPL: 1 • CVE-2020-36964 – YATinyWinFTP - Denial of Service
https://notcve.org/view.php?id=CVE-2020-36964
28 Jan 2026 — YATinyWinFTP contains a denial of service vulnerability that allows attackers to crash the FTP service by sending a 272-byte buffer with a trailing space. • https://www.vulncheck.com/advisories/yatinywinftp-denial-of-service • CWE-787: Out-of-bounds Write •
CVSS: 7.5 • EPSS: % • CPEs: - • EXPL: 1 • CVE-2020-36943 – aSc TimeTables 2021.6.2 - Denial of Service
https://notcve.org/view.php?id=CVE-2020-36943
28 Jan 2026 — aSc TimeTables 2021.6.2 contains a denial of service vulnerability that allows attackers to crash the application by overwriting subject title fields with excessive data. • https://www.vulncheck.com/advisories/asc-timetables-denial-of-service • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.4 • EPSS: % • CPEs: 2 • EXPL: 0 • CVE-2026-24685 – OpenProject has Argument Injection on Repository module that allows Arbitrary File Write
https://notcve.org/view.php?id=CVE-2026-24685
28 Jan 2026 — The written contents consist of git show output (commit metadata and patch), but overwriting application or configuration files still leads to data loss and denial of service, impacting integrity and availability. • https://github.com/opf/openproject/security/advisories/GHSA-74p5-9pr3-r6pw • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
