Denial Of Service (DoS)

BentoML is vulnerable to Denial of Service DoS. The vulnerability is due to improper request handling due to the server continuously processing appended characters in a multipart boundary of an HTTP request, leading to excessive resource consumption and service unavailability...

CVE-2025-0191

A Denial of Service DoS vulnerability exists in the file upload feature of gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large filename, the server...

CVE-2025-0187

A Denial of Service DoS vulnerability was discovered in the file upload feature of gradio-app/gradio version 0.39.1. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large filename, the server...

CVE-2024-12761

A Denial of Service DoS vulnerability exists in the brycedrennan/imaginairy repository, version 15.0.0. The vulnerability is present in the /api/stablestudio/generate endpoint, which can be exploited by sending an invalid request. This causes the server process to terminate abruptly, outputting...

CVE-2024-9840

A Denial of Service DoS vulnerability exists in open-webui/open-webui version 0.3.21. This vulnerability affects multiple endpoints, including /ollama/models/upload, /audio/api/v1/transcriptions, and /rag/api/v1/doc. The application processes multipart boundaries without authentication, leading t...

CVE-2024-8736

A Denial of Service DoS vulnerability exists in multiple file upload endpoints of parisneo/lollms-webui version V12 Strawberry. The vulnerability can be exploited remotely via Cross-Site Request Forgery CSRF. Despite CSRF protection preventing file uploads, the application still processes multipa...

CVE-2025-26500

: Uncontrolled Resource Consumption vulnerability in Wind River Systems VxWorks 7 on VxWorks allows Excessive Allocation. Specifically crafted USB packets may lead to the system becoming unavailable This issue affects VxWorks 7: from 22.06 through 24.03...

CVE-2025-26500 VxWorks 7 USB Failure

: Uncontrolled Resource Consumption vulnerability in Wind River Systems VxWorks 7 on VxWorks allows Excessive Allocation. Specifically crafted USB packets may lead to the system becoming unavailable This issue affects VxWorks 7: from 22.06 through 24.03...

CVE-2025-26500

CVE-2025-26500 affects Wind River VxWorks 7 (versions 22.06–24.03). The issue is an Uncontrolled Resource Consumption (Excessive Allocation) caused by specially crafted USB packets that can render the system unavailable. Affected component: USB handling within VxWorks 7; root cause described as e...

imaginAIry Denial of Service (DoS) vulnerability

A Denial of Service DoS vulnerability exists in the brycedrennan/imaginairy repository, version 15.0.0. The vulnerability is present in the /api/stablestudio/generate endpoint, which can be exploited by sending an invalid request. This causes the server process to terminate abruptly, outputting...

CVE-2025-0187

A Denial of Service DoS vulnerability was discovered in the file upload feature of gradio-app/gradio version 0.39.1. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large filename, the server...

CVE-2024-12074

A Denial of Service DoS vulnerability was discovered in the file upload feature of automatic1111/stable-diffusion-webui version 1.10.0. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large...

CVE-2024-12063 Denial of Service in imartinez/privategpt

A Denial of Service DoS vulnerability exists in the file upload feature of imartinez/privategpt version v0.6.2. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. An attacker can exploit this by sending a payload with an excessively large...

CVE-2024-10650 Denial of Service (DoS) in gaizhenbiao/chuanhuchatgpt

An unauthenticated Denial of Service DoS vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploited by sending large data payloads using a multipart boundary. Although a patch was applied for CVE-2024-7807, the issue can still be exploited by sending data in groups...

CVE-2024-10650 Denial of Service (DoS) in gaizhenbiao/chuanhuchatgpt

An unauthenticated Denial of Service DoS vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploited by sending large data payloads using a multipart boundary. Although a patch was applied for CVE-2024-7807, the issue can still be exploited by sending data in groups...

CVE-2024-8736

CVE-2024-8736 affects parisneo/lollms-webui (V12 Strawberry). The DoS arises from how multipart boundaries are processed in the /upload_avatar, /upload_app, and /upload_logo endpoints despite CSRF protections, causing resource exhaustion and possible service unavailability. Public details describ...

CVE-2024-12070 Denial of Service in haotian-liu/llava

A Denial of Service DoS vulnerability exists in the file upload feature of haotian-liu/llava, specifically in Release v1.2.0 LLaVA-1.6. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large...

CVE-2024-12074

CVE-2024-12074 describes a DoS in automatic1111/stable-diffusion-webui 1.10.0 caused by improper handling of form-data with a very large filename in file uploads. The vulnerability, exploitable without authentication, can render the server unresponsive and unavailable to legitimate users, indicat...

CVE-2024-9840

...

CVE-2024-9840

CVE-2024-9840 is a duplicate of CVE-2024-53981 (per the initial description). Connected data confirms CVE-2024-53981 describes a vulnerability in python-multipart (a streaming multipart parser) with a DoS risk when parsing form data; fixed in version 0.0.18. There is no separate active entry for ...