443 matches found
CVE-2022-29767
adbyby v2.7 allows external users to make connections via port 8118. This can cause a program logic error and lead to a Denial of Service DoS via high CPU usage due to a large number of connections...
CVE-2022-1174
A potential DoS vulnerability was discovered in Gitlab CE/EE versions 13.7 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 allowed an attacker to trigger high CPU usage via a special crafted input added in Issues, Merge requests,...
CVE-2020-3548
A vulnerability in the Transport Layer Security TLS protocol implementation of Cisco AsyncOS software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service DoS condition. The...
Regular Expression Denial Of Service (ReDoS)
Transformers is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to inefficient regular expression processing due to nested quantifiers in the preprocessstring function of transformers.testingutils, which can cause exponential backtracking and high CPU usage when...
CVE-2025-2099 Regular Expression Denial of Service (ReDoS) in huggingface/transformers
A vulnerability in the preprocessstring function of the transformers.testingutils module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial of Service ReDoS attack. The regular expression used to process code blocks in docstrings contains nested quantifiers, leadin...
CVE-2025-1194
A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationgptneoxjapanese.py of the GPT-NeoX-Japanese model. The vulnerability occurs in the SubWordJapaneseTokenizer class, where regular expressions...
CVE-2025-1194
CVE-2025-1194 – ReDoS in HuggingFace Transformers (GPT-NeoX-Japanese SubWordJapaneseTokenizer) The CVE describes a Regular Expression Denial of Service in the HuggingFace transformers package, specifically in tokenization_gpt_neox_japanese.py (GPT-NeoX-Japanese model). The vulnerability arises fr...
PT-2025-18141
Name of the Vulnerable Software and Affected Versions huggingface/transformers library version v4.48.1 Description A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenization gpt neox japanese.py of the...
Subnet Solutions PowerSYSTEM Center 缓冲区错误漏洞
Subnet Solutions PowerSYSTEM Center is a power solution from Subnet Solutions, Inc. A buffer error vulnerability exists in Subnet Solutions PowerSYSTEM Center that stems from the import of specially crafted EC certificates that could lead to excessive CPU consumption...
CVE-2025-30649
An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks Junos OS on MX240, MX480 and MX960 devices with MX-SPC3 Security Services Card allows an unauthenticated, network-based attacker, to send specific spoofed packets to cause a CPU Denial of Service DoS...
Citrix Virtual Apps and Desktops - MS Office processes crashes or gets stuck on close
When users open MS Access within ICA session and create a form it is one of the objects you can create within Access, save and then close the MSAccess UI, the UI goes away but the process MSAccess.exe remains in task manager consuming resources. The issue is specific to ICA session. The issue is...
GHSA-WQ32-8RP4-W2MC Nethermind Juno Potential Denial of Service (DoS) via Integer Overflow
An integer overflow in Nethermind Juno before v0.12.5 within the Sierra bytecode decompression logic within the "cairo-lang-starknet-classes" library could allow remote attackers to trigger an infinite loop and high CPU usage by submitting a malicious Declare v2/v3 transaction. This results in a...
CVE-2025-29072
The CVE-2025-29072 entry describes an integer overflow in Nethermind Juno (pre-12.05) within the Sierra bytecode decompression logic of cairo-lang-starknet-classes that can be triggered by a malicious Declare v2/v3 transaction, causing a Denial of Service with high CPU usage on Starknet full-node...
CVE-2025-29072
An integer overflow in Nethermind Juno before v.12.05 within the Sierra bytecode decompression logic within the "cairo-lang-starknet-classes" library could allow remote attackers to trigger an infinite loop and high CPU usage by submitting a malicious Declare v2/v3 transaction. This results in a...
Denial of Service (DoS)
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Denial of Service DoS via the endpoint for converting markdown. An attacker can cause the server to spend excessive time on processing, rendering it unresponsive to other requests until the conversion is...
Transformers Regular Expression Denial of Service (ReDoS) vulnerability
A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationnougatfast.py. The vulnerability occurs in the postprocesssingle function, where a regular expression processes specially crafted input. The issu...
CVE-2024-12720 Regular Expression Denial of Service (ReDoS) in huggingface/transformers
A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationnougatfast.py. The vulnerability occurs in the postprocesssingle function, where a regular expression processes specially crafted input. The issu...
Waitress has a denial of service leading to high CPU usage/resource exhaustion
...
DoS Vulnerability in TraceContextPropagator.Extract - OpenTelemetry.Api
Impact What kind of vulnerability is it? Who is impacted? A vulnerability in OpenTelemetry.Api package 1.10.0 to 1.11.1 could cause a Denial of Service DoS when a tracestate and traceparent header is received. These versions are used in OpenTelemetry .NET Automatic Instrumentation 1.10.0-beta.1 a...
GHSA-VC29-VG52-6643 DoS Vulnerability in TraceContextPropagator.Extract - OpenTelemetry.Api
Impact What kind of vulnerability is it? Who is impacted? A vulnerability in OpenTelemetry.Api package 1.10.0 to 1.11.1 could cause a Denial of Service DoS when a tracestate and traceparent header is received. These versions are used in OpenTelemetry .NET Automatic Instrumentation 1.10.0-beta.1 a...