
CVE-2025-23270
https://notcve.org/view.php?id=CVE-2025-23270
17 Jul 2025 — A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5662 • CWE-392: Missing Report of Error Condition •

CVE-2025-23267
https://notcve.org/view.php?id=CVE-2025-23267
17 Jul 2025 — A successful exploit of this vulnerability might lead to data tampering and denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5659 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVE-2025-23266
https://notcve.org/view.php?id=CVE-2025-23266
17 Jul 2025 — A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5659 • CWE-426: Untrusted Search Path •

CVE-2025-53817 – GHSL-2025-059 - 7-Zip - Null pointer array write attempt in NArchive::NCom::CHandler::GetStream
https://notcve.org/view.php?id=CVE-2025-53817
17 Jul 2025 — Prior to version 25.0.0, a null pointer dereference in the Compound handler may lead to denial of service. • https://securitylab.github.com/advisories/GHSL-2025-059_7-Zip • CWE-476: NULL Pointer Dereference •

CVE-2025-53816 – GHSL-2025-058 - 7-Zip Multi-byte write heap buffer overflow in NCompress::NRar5::CDecoder
https://notcve.org/view.php?id=CVE-2025-53816
17 Jul 2025 — Zeroes written outside heap buffer in RAR5 handler may lead to memory corruption and denial of service in versions of 7-Zip prior to 25.0.0. • https://securitylab.github.com/advisories/GHSL-2025-058_7-Zip • CWE-122: Heap-based Buffer Overflow •

CVE-2025-23263
https://notcve.org/view.php?id=CVE-2025-23263
17 Jul 2025 — NVIDIA DOCA-Host and Mellanox OFED contain a vulnerability in the VGT+ feature, where an attacker on a VM might cause escalation of privileges and denial of service on the VLAN. • https://nvidia.custhelp.com/app/answers/detail/a_id/5654 • CWE-279: Incorrect Execution-Assigned Permissions •

CVE-2025-7338 – Multer vulnerable to Denial of Service via unhandled exception from malformed request
https://notcve.org/view.php?id=CVE-2025-7338
17 Jul 2025 — A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.2 allows an attacker to trigger a Denial of Service (DoS) by sending a malformed multi-part upload request. • https://cna.openjsf.org/security-advisories.html • CWE-248: Uncaught Exception •

CVE-2025-36097 – IBM WebSphere Application Server denial of service
https://notcve.org/view.php?id=CVE-2025-36097
16 Jul 2025 — IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial of service, caused by a stack-based overflow. • https://www.ibm.com/support/pages/node/7239856 • CWE-121: Stack-based Buffer Overflow •

CVE-2025-40777 – A possible assertion failure when 'stale-answer-client-timeout' is set to '0'
https://notcve.org/view.php?id=CVE-2025-40777
16 Jul 2025 — A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. • https://kb.isc.org/docs/cve-2025-40777 • CWE-617: Reachable Assertion •

CVE-2025-3871 – Broken Access Control Leads to Limited Denial of Service in GoAnywhere MFT 7.8.0 and earlier
https://notcve.org/view.php?id=CVE-2025-3871
16 Jul 2025 — Broken access control in Fortra's GoAnywhere MFT prior to 7.8.1 allows an attacker to create a denial of service situation when configured to use GoAnywhere One-Time Password (GOTP) email two-factor authentication (2FA) and the user has not set an email address. • https://www.fortra.com/security/advisories/product-security/FI-2025-009 • CWE-862: Missing Authorization •