Lucene search
+L

443 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:46 p.m.7 views

CVE-2022-29767

adbyby v2.7 allows external users to make connections via port 8118. This can cause a program logic error and lead to a Denial of Service DoS via high CPU usage due to a large number of connections...

6.5CVSS6.8AI score0.00868EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:5 p.m.8 views

CVE-2022-1174

A potential DoS vulnerability was discovered in Gitlab CE/EE versions 13.7 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 allowed an attacker to trigger high CPU usage via a special crafted input added in Issues, Merge requests,...

7.5CVSS6.5AI score0.01442EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:6 p.m.9 views

CVE-2020-3548

A vulnerability in the Transport Layer Security TLS protocol implementation of Cisco AsyncOS software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service DoS condition. The...

5.3CVSS7.1AI score0.00809EPSS
Exploits0
Veracode
Veracode
added 2025/05/22 9:26 a.m.9 views

Regular Expression Denial Of Service (ReDoS)

Transformers is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to inefficient regular expression processing due to nested quantifiers in the preprocessstring function of transformers.testingutils, which can cause exponential backtracking and high CPU usage when...

7.5CVSS6.6AI score0.00507EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2025/05/19 11:22 a.m.34 views

CVE-2025-2099 Regular Expression Denial of Service (ReDoS) in huggingface/transformers

A vulnerability in the preprocessstring function of the transformers.testingutils module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial of Service ReDoS attack. The regular expression used to process code blocks in docstrings contains nested quantifiers, leadin...

5.3CVSS0.00507EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/01 12:0 p.m.9 views

CVE-2025-1194

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationgptneoxjapanese.py of the GPT-NeoX-Japanese model. The vulnerability occurs in the SubWordJapaneseTokenizer class, where regular expressions...

6.5CVSS6.7AI score0.00384EPSS
Exploits1References1
CVE
CVE
added 2025/04/29 11:30 a.m.222 views

CVE-2025-1194

CVE-2025-1194 – ReDoS in HuggingFace Transformers (GPT-NeoX-Japanese SubWordJapaneseTokenizer) The CVE describes a Regular Expression Denial of Service in the HuggingFace transformers package, specifically in tokenization_gpt_neox_japanese.py (GPT-NeoX-Japanese model). The vulnerability arises fr...

6.5CVSS4.5AI score0.00384EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/29 12:0 a.m.7 views

PT-2025-18141

Name of the Vulnerable Software and Affected Versions huggingface/transformers library version v4.48.1 Description A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenization gpt neox japanese.py of the...

6.5CVSS6.2AI score0.00384EPSS
Exploits1References16
CNNVD
CNNVD
added 2025/04/11 12:0 a.m.6 views

Subnet Solutions PowerSYSTEM Center 缓冲区错误漏洞

Subnet Solutions PowerSYSTEM Center is a power solution from Subnet Solutions, Inc. A buffer error vulnerability exists in Subnet Solutions PowerSYSTEM Center that stems from the import of specially crafted EC certificates that could lead to excessive CPU consumption...

5.3CVSS6.7AI score0.00131EPSS
Exploits0References3
NVD
NVD
added 2025/04/09 8:15 p.m.47 views

CVE-2025-30649

An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks Junos OS on MX240, MX480 and MX960 devices with MX-SPC3 Security Services Card allows an unauthenticated, network-based attacker, to send specific spoofed packets to cause a CPU Denial of Service DoS...

8.7CVSS0.004EPSS
Exploits0References1
Citrix
Citrix
added 2025/04/02 12:0 a.m.11 views

Citrix Virtual Apps and Desktops - MS Office processes crashes or gets stuck on close

When users open MS Access within ICA session and create a form it is one of the objects you can create within Access, save and then close the MSAccess UI, the UI goes away but the process MSAccess.exe remains in task manager consuming resources. The issue is specific to ICA session. The issue is...

7.1AI score
Exploits0
OSV
OSV
added 2025/03/27 6:31 p.m.20 views

GHSA-WQ32-8RP4-W2MC Nethermind Juno Potential Denial of Service (DoS) via Integer Overflow

An integer overflow in Nethermind Juno before v0.12.5 within the Sierra bytecode decompression logic within the "cairo-lang-starknet-classes" library could allow remote attackers to trigger an infinite loop and high CPU usage by submitting a malicious Declare v2/v3 transaction. This results in a...

7.5CVSS7.4AI score0.00454EPSS
Exploits0References5
CVE
CVE
added 2025/03/27 12:0 a.m.66 views

CVE-2025-29072

The CVE-2025-29072 entry describes an integer overflow in Nethermind Juno (pre-12.05) within the Sierra bytecode decompression logic of cairo-lang-starknet-classes that can be triggered by a malicious Declare v2/v3 transaction, causing a Denial of Service with high CPU usage on Starknet full-node...

7.5CVSS6.9AI score0.00454EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/03/27 12:0 a.m.12 views

CVE-2025-29072

An integer overflow in Nethermind Juno before v.12.05 within the Sierra bytecode decompression logic within the "cairo-lang-starknet-classes" library could allow remote attackers to trigger an infinite loop and high CPU usage by submitting a malicious Declare v2/v3 transaction. This results in a...

7.5CVSS7.4AI score0.00454EPSS
Exploits0References4
Snyk
Snyk
added 2025/03/20 12:32 p.m.2 views

Denial of Service (DoS)

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Denial of Service DoS via the endpoint for converting markdown. An attacker can cause the server to spend excessive time on processing, rendering it unresponsive to other requests until the conversion is...

8.7CVSS7.1AI score0.00811EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2025/03/20 12:32 p.m.22 views

Transformers Regular Expression Denial of Service (ReDoS) vulnerability

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationnougatfast.py. The vulnerability occurs in the postprocesssingle function, where a regular expression processes specially crafted input. The issu...

7.5CVSS6.6AI score0.00684EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/03/20 10:11 a.m.21 views

CVE-2024-12720 Regular Expression Denial of Service (ReDoS) in huggingface/transformers

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationnougatfast.py. The vulnerability occurs in the postprocesssingle function, where a regular expression processes specially crafted input. The issu...

5.3CVSS0.00684EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/03/14 7:0 a.m.5 views

Waitress has a denial of service leading to high CPU usage/resource exhaustion

...

7.5CVSS7.5AI score0.01386EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2025/03/06 10:33 p.m.17 views

DoS Vulnerability in TraceContextPropagator.Extract - OpenTelemetry.Api

Impact What kind of vulnerability is it? Who is impacted? A vulnerability in OpenTelemetry.Api package 1.10.0 to 1.11.1 could cause a Denial of Service DoS when a tracestate and traceparent header is received. These versions are used in OpenTelemetry .NET Automatic Instrumentation 1.10.0-beta.1 a...

7.5CVSS6.9AI score0.00468EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/03/06 10:33 p.m.7 views

GHSA-VC29-VG52-6643 DoS Vulnerability in TraceContextPropagator.Extract - OpenTelemetry.Api

Impact What kind of vulnerability is it? Who is impacted? A vulnerability in OpenTelemetry.Api package 1.10.0 to 1.11.1 could cause a Denial of Service DoS when a tracestate and traceparent header is received. These versions are used in OpenTelemetry .NET Automatic Instrumentation 1.10.0-beta.1 a...

7.5CVSS6.9AI score0.00468EPSS
Exploits0References4
Rows per page
Query Builder