CVSS: 8.1EPSS: %CPEs: 1EXPL: 0CVE-2025-0952 – Eco Nature - Environment & Ecology WordPress Theme <= 2.0.4 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update
https://notcve.org/view.php?id=CVE-2025-0952
13 Mar 2025 — The Eco Nature - Environment & Ecology WordPress Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'cmsmasters_hide_admin_notice' AJAX action in all versions up to, and including, 2.0.4. • https://themeforest.net/item/eco-nature-environment-ecology-wordpress-theme/8497776 • CWE-862: Missing Authorization •
CVSS: 7.7EPSS: 0%CPEs: 2EXPL: 0CVE-2025-25293 – ruby-saml vulnerable to Remote Denial of Service (DoS) with compressed SAML responses
https://notcve.org/view.php?id=CVE-2025-25293
12 Mar 2025 — Prior to versions 1.12.4 and 1.18.0, ruby-saml is susceptible to remote Denial of Service (DoS) with compressed SAML responses. ruby-saml uses zlib to decompress SAML responses in case they're compressed. ... This issue may lead to remote Denial of Service (DoS). • https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-0116 – PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted LLDP Frame
https://notcve.org/view.php?id=CVE-2025-0116
12 Mar 2025 — A Denial of Service (DoS) vulnerability in Palo Alto Networks PAN-OS software causes the firewall to unexpectedly reboot when processing a specially crafted LLDP frame sent by an unauthenticated adjacent attacker. • https://security.paloaltonetworks.com/CVE-2025-0116 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2025-0114 – PAN-OS: Denial of Service (DoS) in GlobalProtect
https://notcve.org/view.php?id=CVE-2025-0114
12 Mar 2025 — A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. • https://security.paloaltonetworks.com/CVE-2025-0114 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 0CVE-2025-20209 – Cisco IOS XR Software Internet Key Exchange Version 2 Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20209
12 Mar 2025 — A successful exploit could allow the attacker to prevent the affected device from processing any control plane UDP packets, resulting in a denial of service (DoS) condition. • https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.6EPSS: 0%CPEs: 11EXPL: 0CVE-2025-20146 – Cisco IOS XR Software for ASR 9000 Series Routers Layer 3 Multicast Routing Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20146
12 Mar 2025 — A vulnerability in the Layer 3 multicast feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. • https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 34EXPL: 0CVE-2025-20142 – Cisco IOS XR Software for ASR 9000 Series Routers L2VPN Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20142
12 Mar 2025 — A vulnerability in the IPv4 access control list (ACL) feature and quality of service (QoS) policy feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. • https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp • CWE-20: Improper Input Validation •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20141 – Cisco IOS XR Software Release 7.9.2 Denial of Service Vulnerabillity
https://notcve.org/view.php?id=CVE-2025-20141
12 Mar 2025 — A successful exploit could allow the attacker to cause control plane traffic to stop working, resulting in a denial of service (DoS) condition. • https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.6EPSS: 0%CPEs: 93EXPL: 0CVE-2025-20115 – Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20115
12 Mar 2025 — A vulnerability in confederation implementation for the Border Gateway Protocol (BGP) in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. ... A successful exploit could allow the attacker to cause memory corruption, which may cause the BGP process to restart, resulting in a DoS condition. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-bgp-dos-O7stePhX • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2025-2240 – Smallrye-fault-tolerance: smallrye fault tolerance
https://notcve.org/view.php?id=CVE-2025-2240
12 Mar 2025 — Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue. • https://access.redhat.com/security/cve/CVE-2025-2240 • CWE-1325: Improperly Controlled Sequential Memory Allocation •