Lucene search

3458 matches found

Cvelist
added 2025/03/31 6:43 p.m. · 30 views

CVE-2025-29908 Netty QUIC hash collision DoS attack

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections...

5.3 CVSS · 0.00478 EPSS
Exploits: 0 · References: 3
OSV
added 2025/03/31 6:43 p.m. · 7 views

CVE-2025-29908 Netty QUIC hash collision DoS attack

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections...

5.3 CVSS · 6.6 AI score · 0.00478 EPSS
Exploits: 0 · References: 5
OSV
added 2025/03/30 8:15 p.m. · 2 views

CVE-2025-2958

A vulnerability was found in TRENDnet TEW-818DRU 1.0.14.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to denial of service. The attack needs to be done...

7.1 CVSS · 4.7 AI score · 0.00624 EPSS
Exploits: 1 · References: 5
OSV
added 2025/03/28 9:15 p.m. · 4 views

CVE-2024-38988

alizeait unflatto = 1.0.2 was discovered to contain a prototype pollution via the method exports.unflatto at /dist/index.js. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties...

9.8 CVSS · 8.1 AI score
Exploits: 0 · References: 1
RedhatCVE
added 2025/03/20 11:38 a.m. · 4 views

CVE-2024-23942

A local user may find a configuration file on the client workstation with unencrypted sensitive data. This allows an attacker to impersonate the device or prevent the device from accessing the cloud portal which leads to a DoS...

7.1 CVSS · 6.8 AI score · 0.00107 EPSS
Exploits: 0 · References: 1
OSV
added 2025/03/20 10:15 a.m. · 7 views

CVE-2025-0315

A vulnerability in ollama/ollama =0.3.14 allows a malicious user to create a customized GGUF model file, upload it to the Ollama server, and create it. This can cause the server to allocate unlimited memory, leading to a Denial of Service (DoS) attack...

7.5 CVSS · 7 AI score
Exploits: 0 · References: 1
OSV
added 2025/03/20 10:15 a.m. · 4 views

CVE-2024-9437

SuperAGI version v0.0.14 is vulnerable to an unauthenticated Denial of Service (DoS) attack. The vulnerability exists in the resource upload request, where appending characters, such as dashes (-), to the end of a multipart boundary in an HTTP request causes the server to continuously process each...

7.5 CVSS · 7.4 AI score
Exploits: 0 · References: 1
Vulnrichment
added 2025/03/20 10:11 a.m. · 5 views

CVE-2025-0313

...

7.6 AI score
Exploits: 0
Positive Technologies
added 2025/03/20 12:0 a.m. · 2 views

PT-2025-12027 · Berriai · Berriai/Litellm

Name of the Vulnerable Software and Affected Versions: BerriAI/litellm version as of commit 26c03c9 Description: The issue allows unauthenticated users to cause a Denial of Service (DoS) by exploiting the use of ast.literal_eval to parse user input. This function is not safe and is prone to DoS...

7.5 CVSS · 7.5 AI score · 0.00489 EPSS
Exploits: 0 · References: 13
CVE
added 2025/03/19 7:2 p.m. · 110 views

CVE-2025-27415

CVE-2025-27415 affects Nuxt (Vue.js framework) prior to version 3.16.0. A crafted HTTP request sent to a server behind a CDN can poison the CDN cache under certain conditions, potentially rendering JSON like https://mysite.com/?/_payload.json and causing the cached response to be served to future...

7.5 CVSS · 7.3 AI score · 0.00348 EPSS
Exploits: 0 · References: 1 · Affected Software: 1
Packet Storm
added 2025/03/11 12:0 a.m. · 201 views

RDK 5.3 Buffer Overflow

RDK version 5.3 suffers from a local buffer overflow vulnerability. Exploit Title: RDK v5.3 - Buffer Overflow DoS Discovered by: Ahmet Ümit BAYRAM Discovered Date: 17.04.2024 Vendor Homepage: http://www.shenturk.com Software Link: http://www.shenturk.com/downloads/rdk-5.3-setup.rar Tested Version...

7.7 AI score
Exploits: 0
Amazon
added 2025/03/06 12:0 a.m. · 2 views

Medium: clamav1.4

Issue Overview: A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows...

7.5 CVSS · 7.2 AI score · 0.01458 EPSS
Exploits: 0
Amazon
added 2025/03/06 12:0 a.m. · 3 views

Medium: php8.2

Issue Overview: The upstream advisory describes this issue as follows: A memory-related vulnerability in PHP's filter handling system, particularly when processing input with convert.quoted-printable-decode filters, leads to a segmentation fault. This vulnerability is triggered through specific...

9.8 CVSS · 10 AI score · 0.02286 EPSS
Exploits: 6
OSV
added 2025/03/05 3:59 p.m. · 15 views

CVE-2025-27497 OpenDJ Denial of Service (Dos) using alias loop

OpenDJ is an LDAPv3 compliant directory service. OpenDJ prior to 4.9.3 contains a denial-of-service (DoS) vulnerability that causes the server to become unresponsive to all LDAP requests without crashing or restarting. This issue occurs when an alias loop exists in the LDAP database. If an ldapsear...

8.7 CVSS · 6.5 AI score · 0.0036 EPSS
Exploits: 0 · References: 4
NVD
added 2025/03/05 3:15 p.m. · 5 views

CVE-2025-1714

Lack of Rate Limiting in Sign-up workflow in Perforce Gliffy prior to version 4.14.0-7 on Gliffy online allows attacker to enumerate valid user emails and potentially DOS the server...

6.9 CVSS · 0.00337 EPSS
Exploits: 0 · References: 1
Vulnrichment
added 2025/03/05 2:56 p.m. · 3 views

CVE-2025-1714 Username Enumeration in Gliffy

Lack of Rate Limiting in Sign-up workflow in Perforce Gliffy prior to version 4.14.0-7 on Gliffy online allows attacker to enumerate valid user emails and potentially DOS the server...

6.9 CVSS · 7 AI score · 0.00337 EPSS
Exploits: 0 · References: 1
Tenable Nessus
added 2025/03/05 12:0 a.m. · 11 views

Linux Distros Unpatched Vulnerability : CVE-2024-31582

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the drawblockrectangle function of libavfilter/vfcodecview.c. This...

7.8 CVSS · 7.9 AI score · 0.00344 EPSS
Exploits: 0 · References: 2
Tenable Nessus
added 2025/03/05 12:0 a.m. · 14 views

Linux Distros Unpatched Vulnerability : CVE-2024-38828

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack. CVE-2024-38828 Note that Nessus relies on the presence ...

5.3 CVSS · 6.8 AI score · 0.00729 EPSS
Exploits: 0 · References: 3
Tenable Nessus
added 2025/03/05 12:0 a.m. · 11 views

Linux Distros Unpatched Vulnerability : CVE-2024-21160

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easi...

4.9 CVSS · 5.6 AI score · 0.0085 EPSS
Exploits: 0 · References: 3
Tenable Nessus
added 2025/03/05 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-30258

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FastDDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.14.1, 2.13.5, 2.10.4, and...

8.2 CVSS · 5.5 AI score · 0.00791 EPSS
Exploits: 1 · References: 3