CVSS: 6.5EPSS: %CPEs: 4EXPL: 0CVE-2025-12687 – Denial-of-Service Vulnerability in NomadBranch.exe
https://notcve.org/view.php?id=CVE-2025-12687
11 Dec 2025 — A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 25.11 for Windows allows malicious actors to cause a denial of service (application crash) via a crafted command, resulting in service termination. • https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1005 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: %CPEs: -EXPL: 0CVE-2025-14512 – Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow
https://notcve.org/view.php?id=CVE-2025-14512
11 Dec 2025 — This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values. • https://access.redhat.com/security/cve/CVE-2025-14512 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: %CPEs: 3EXPL: 0CVE-2025-4097 – Allocation of Resources Without Limits or Throttling in GitLab
https://notcve.org/view.php?id=CVE-2025-4097
11 Dec 2025 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to cause a denial of service condition by uploading specially crafted images. • https://about.gitlab.com/releases/2025/12/10/patch-release-gitlab-18-6-2-released • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: %CPEs: 3EXPL: 1CVE-2025-12562 – Allocation of Resources Without Limits or Throttling in GitLab
https://notcve.org/view.php?id=CVE-2025-12562
11 Dec 2025 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an unauthenticated user to create a denial of service condition by sending crafted GraphQL queries that bypass query complexity limits. • https://about.gitlab.com/releases/2025/12/10/patch-release-gitlab-18-6-2-released • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: %CPEs: 3EXPL: 0CVE-2025-14157 – Allocation of Resources Without Limits or Throttling in GitLab
https://notcve.org/view.php?id=CVE-2025-14157
11 Dec 2025 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 6.3 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to cause a Denial of Service condition by sending crafted API calls with large content parameters. • https://about.gitlab.com/releases/2025/12/10/patch-release-gitlab-18-6-2-released • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: %CPEs: 1EXPL: 0CVE-2025-66033 – Improper Memory Cleanup in the Okta Java SDK
https://notcve.org/view.php?id=CVE-2025-66033
10 Dec 2025 — Over time, this can degrade performance and availability in long-running applications and may result in a denial-of-service condition under sustained load. • https://github.com/okta/okta-sdk-java/commit/1daa9229a70fc38fb252aeaa637f82d0b0729b3f • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 9.3EPSS: %CPEs: 1EXPL: 1CVE-2020-36885 – Sony IPELA Network Camera 1.82.01 Remote Stack Buffer Overflow via ftpclient.cgi
https://notcve.org/view.php?id=CVE-2020-36885
10 Dec 2025 — Attackers can exploit the vulnerability by sending a crafted POST request with oversized data to the FTP client functionality, potentially causing remote code execution or denial of service. • https://pro.sony/en_NL/support-resources/snc-dh120 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: %CPEs: 1EXPL: 0CVE-2025-34429 – 1Panel CSRF Web Port Configuration Change
https://notcve.org/view.php?id=CVE-2025-34429
10 Dec 2025 — This allows an attacker to change the port on which the 1Panel web service listens, causing loss of access on the original port and resulting in service disruption or denial of service, and may unintentionally expose the service on an attacker-chosen port. • https://1panel.pro • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2025-67635
https://notcve.org/view.php?id=CVE-2025-67635
10 Dec 2025 — Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not properly close HTTP-based CLI connections when the connection stream becomes corrupted, allowing unauthenticated attackers to cause a denial of service. • https://www.jenkins.io/security/advisory/2025-12-10/#SECURITY-3630 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 8.8EPSS: %CPEs: 1EXPL: 0CVE-2025-34410 – 1Panel CSRF in Change Username Functionality Allows Account Lockout
https://notcve.org/view.php?id=CVE-2025-34410
10 Dec 2025 — After the change, the victim is logged out and unable to log in with the previous username, resulting in account lockout and denial of service. After the change, the victim is logged out and unable to log in with the previous username, resulting in account lockout and denial of service. 1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery (CSRF) vulnerability in the Change Username functionality available from the settings panel (/settings/panel). • https://1panel.pro • CWE-352: Cross-Site Request Forgery (CSRF) •