Denial Of Service

Gitlab versions up to 18.6.6 is affected by allocation of resources without limits or throttling (CVSS 6.5).

GitLab CE/EE versions 18.4 through 18.8 are vulnerable to unauthenticated denial of service attacks where an attacker can exhaust server resources by circumventing JSON validation limits. An unauthenticated remote attacker can trigger excessive memory or CPU consumption without authentication or user interaction, potentially rendering the service unavailable. Currently no patch is available for this vulnerability.

Gitlab versions up to 18.6.6 is affected by allocation of resources without limits or throttling (CVSS 7.5).

DoraCMS 3.1 and earlier allows unauthenticated attackers to perform server-side request forgery through the UEditor remote image fetch feature, which fails to validate or restrict destination URLs. An attacker can exploit this to force the server to make arbitrary HTTP/HTTPS requests to internal network resources, enabling internal reconnaissance and potential denial of service attacks.

AutoGPT platform versions before 0.6.32 contain a regular expression denial of service vulnerability in the Code Extraction Block due to overlapping quantifiers that cause catastrophic backtracking when processing whitespace-heavy inputs. Authenticated attackers can exploit this by submitting malicious input with long sequences of spaces to trigger excessive regex processing, causing the service to become unavailable. Public exploit code exists for this vulnerability, and a patch is available in version 0.6.32 and later.

Unauthenticated attackers can crash core PI services through an unhandled exception vulnerability accessible over the network, causing denial-of-service without authentication or user interaction required. This high-severity flaw (CVSS 7.5) impacts availability of affected PI deployments with no patch currently available.

Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service.

MongoDB server crashes when an authenticated user executes a $geoNear aggregation pipeline with malformed index hints, enabling denial of service attacks by any user with database access. This medium-severity vulnerability requires valid credentials and does not affect confidentiality or integrity, only availability. No patch is currently available.

DNG SDK 1.7.1 (build 2410) and earlier contain an integer overflow vulnerability that causes application denial-of-service when processing malicious files. Local attackers can exploit this flaw by tricking users into opening a specially crafted file, resulting in application crashes or hangs. No patch is currently available.

MongoDB's Query Planner can be exhausted of available memory when processing specially crafted complex queries, leading to service denial through out-of-memory crashes. Authenticated users can trigger this condition without user interaction, affecting availability of MongoDB instances. No patch is currently available to address this vulnerability.

MongoDB proxy port connections bypass connection accounting mechanisms, allowing unauthenticated remote attackers to exhaust server resources and trigger denial of service without authentication. Servers relying on connection limits for resource management are vulnerable to crashes when connection counts are artificially inflated through the proxy protocol. No patch is currently available for this high-severity issue affecting MongoDB deployments.

MongoDB replica set replication can be disrupted when oversized documents are inserted, preventing secondaries from synchronizing oplog entries with the primary and potentially causing server crashes. Authenticated users with write access can trigger this denial of service condition to destabilize replica set availability. No patch is currently available for this vulnerability.

Unauthenticated access to the FastGPT plugin API endpoint (FastGPT/api/plugin/xxx) in versions 4.14.0 through 4.14.5 allows remote attackers to disrupt plugin functionality and cause loss of plugin installation state without authentication. The vulnerability affects the AI/ML platform's plugin system availability and integrity, though sensitive data such as cryptographic keys are not exposed. A patch is available in version 4.14.5-fix.

Out-of-bounds heap buffer reads in libpng versions prior to 1.6.55 can be triggered through the png_set_quantize() function when processing specially crafted PNG images with specific palette configurations, potentially causing denial of service or information disclosure. Public exploit code exists for this vulnerability, affecting applications that use libpng to process untrusted PNG files. A patch is available in version 1.6.55 and later.

MongoDB instances are vulnerable to denial of service attacks when processing specially crafted unauthenticated messages that trigger memory exhaustion and server crashes. An unauthenticated remote attacker can exploit this vulnerability to disable MongoDB availability without requiring valid credentials or user interaction. No patch is currently available for this vulnerability.

Emmett is a framework designed to simplify your development process. versions up to 1.3.11 contains a vulnerability that allows attackers to trigger HTTP 500 errors and cause denial of service (CVSS 7.5).

Windows Remote Access Connection Manager contains a null pointer dereference flaw affecting Windows 10 (versions 1809 and 21h2) and Windows 11 (version 23h2) that has been confirmed as actively exploited. A local attacker can trigger a denial of service condition without requiring authentication or user interaction. No patch is currently available for this vulnerability.

InDesign versions 21.1, 20.5.1 and earlier contain a heap buffer overflow that enables local denial-of-service attacks when users open malicious files. An attacker can crash the application to disrupt workflow, though no patch is currently available. User interaction is required for exploitation.

Adobe After Effects 25.6 and earlier suffers from a null pointer dereference that allows attackers to trigger application crashes by convincing users to open a specially crafted file. This local denial-of-service vulnerability requires user interaction but requires no special privileges, potentially disrupting creative workflows. No patch is currently available.

Substance 3D Designer 15.1.0 and earlier contains a null pointer dereference vulnerability that allows local attackers to crash the application by tricking users into opening malicious files. This denial-of-service attack requires user interaction but causes service disruption with no mitigation patch currently available.

Denial-of-service in Adobe Substance 3D Designer version 15.1.0 and earlier stems from a null pointer dereference vulnerability that crashes the application when a user opens a malicious file. The attack requires no special privileges and relies solely on user interaction to trigger the crash. No patch is currently available for this vulnerability.

Adobe Audition 25.3 and earlier contains a buffer over-read vulnerability that allows local attackers to crash the application by tricking users into opening specially crafted files. Exploitation requires user interaction but requires no elevated privileges, making it accessible to any local attacker who can deliver a malicious file. While no patch is currently available, the impact is limited to denial-of-service conditions.

Use after free in Mailslot File System allows an authorized attacker to elevate privileges locally. [CVSS 7.0 HIGH]

HP OfficeJet Pro printers running affected firmware versions are susceptible to denial of service attacks through malformed Internet Printing Protocol (IPP) requests that prevent proper TCP connection establishment. An unauthenticated remote attacker can trigger this condition to disrupt printer availability, though no patch is currently available to mitigate the vulnerability.

Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of service. [CVSS 4.7 MEDIUM]

Improper conditions check in some firmware for some Intel(R) Graphics Drivers and Intel LTS kernels within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of service. [CVSS 2.8 LOW]

Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. [CVSS 5.5 MEDIUM]

Out-of-bounds write in the firmware for the Intel(R) AMT and Intel(R) Standard Manageability within Ring 3: User Applications may allow a denial of service. Network adversary with an unauthenticated user combined with a low complexity attack may enable denial of service. [CVSS 8.6 HIGH]

Out-of-bounds read in the firmware for some 100GbE Intel(R) Ethernet Network Adapter E810 before version cvl fw 1.7.6, cpk 1.3.7 within Ring 0: Bare Metal OS may allow a denial of service. [CVSS 6.5 MEDIUM]

Race condition for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow a denial of service. Authorized adversary with a privileged user combined with a high complexity attack may enable denial of service. [CVSS 5.3 MEDIUM]

Improper authorization in the Intel(R) Quick Assist Technology for some Intel(R) Platforms within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. [CVSS 6.5 MEDIUM]

Loop with unreachable exit condition ('infinite loop') for some Intel(R) Platform within Ring 0: Kernel may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. [CVSS 6.0 MEDIUM]

Exposed ioctl with insufficient access control in the firmware for some Intel(R) Ethernet Connection E825-C. before version NVM ver. [CVSS 5.3 MEDIUM]

Out-of-bounds write in the firmware for some Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. [CVSS 6.0 MEDIUM]

Uncaught exception in the firmware for some 100GbE Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. [CVSS 6.0 MEDIUM]

Null pointer dereference in the firmware for some Intel(R) AMT and Intel(R) Standard Manageability within Ring 0: Kernel may allow a denial of service. Network adversary with an unauthenticated user combined with a high complexity attack may enable denial of service. [CVSS 6.8 MEDIUM]

An issue in mquickjs before commit 74b7e (2026-01-15) allows a local attacker to cause a denial of service via a crafted file to the get_mblock_size function at mquickjs.c. [CVSS 5.5 MEDIUM]

A vulnerability has been found in wasm3 up to 0.5.0. The affected element is the function NewCodePage. [CVSS 3.3 LOW]

An issue inTcpreplay v4.5.1 allows a local attacker to cause a denial of service via a crafted file to the tcpedit_dlt_getplugin function at src/tcpedit/plugins/dlt_utils.c. [CVSS 5.5 MEDIUM]

Businessobjects Business Intelligence Platform versions up to 430 contains a security vulnerability (CVSS 6.5).

Denial-of-service vulnerability in SAP Advanced Planning And Optimization and Supply Chain Management allows authenticated users to exhaust system resources by repeatedly calling a remote function module with oversized parameters, causing service unavailability. An attacker with standard user credentials and network access can trigger prolonged resource consumption that may render the affected system unresponsive. No patch is currently available.

Denial of service in SAP NetWeaver's JMS service stems from unsafe deserialization of malicious objects, allowing authenticated administrators with local access to crash the application. The vulnerability requires high privileges and local access but carries no risk to confidentiality or integrity. No patch is currently available.

Businessobjects Business Intelligence Platform versions up to 430 contains a security vulnerability (CVSS 7.5).

SumatraPDF versions 3.5.2 and earlier are vulnerable to a heap buffer over-read in the MOBI file parser due to incomplete bounds validation in the HuffDic decompressor, allowing attackers to crash the application by opening a malicious .mobi file. Public exploit code exists for this vulnerability. Local user interaction is required to trigger the vulnerability, and while denial of service is the primary impact, the out-of-bounds read could potentially leak sensitive memory contents.

Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server. [CVSS 6.5 MEDIUM]

Axios versions up to 0.30.3 is affected by improper check for unusual or exceptional conditions (CVSS 7.5).

Keycloak's JWT authorization grant flow fails to verify that an Identity Provider is enabled before accepting tokens signed by its key, allowing attackers with a disabled IdP's signing credentials to obtain valid access tokens. This authentication bypass affects organizations that have disabled IdPs due to compromise or offboarding but retain the associated signing keys. An attacker can exploit this to gain unauthorized access to systems relying on Keycloak for authentication.

FreeRDP proxy versions prior to 3.22.0 are vulnerable to denial of service when processing specially crafted RDP server responses that trigger a null pointer dereference in the logon information handler. An unauthenticated attacker controlling a malicious RDP server can crash the FreeRDP proxy by sending a LogonInfoV2 PDU with empty domain or username fields. This vulnerability has been patched in version 3.22.0 and later.

DNS recursive resolver denial-of-service via crafted zones and CNAME chain manipulation allows unauthenticated attackers to exhaust server resources and potentially poison the resolver's cache. The vulnerability affects Recursor instances exposed to untrusted DNS queries, enabling attackers to degrade performance or compromise DNS resolution integrity. No patch is currently available.

A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs). [CVSS 5.3 MEDIUM]

A device has a stack-based buffer overflow in HTTP SESSION cookie processing allowing unauthenticated remote code execution.

GitLab AI Gateway's Duo Workflow Service has a CVSS 9.9 server-side template injection enabling code execution through the AI workflow system.

A vulnerability has been found in Mapnik up to 4.2.0. This vulnerability affects the function mapnik::detail::mod<...>::operator of the file src/value.cpp. [CVSS 3.3 LOW]

Coco Annotator versions up to 0.11.1. is affected by improper resource shutdown or release (CVSS 5.3).

Rate limiting for certain API calls is not being enforced, making HCL Velocity vulnerable to Denial of Service (DoS) attacks. An attacker could flood the system with a large number of requests, overwhelming its resources and causing it to become unresponsive to legitimate users. [CVSS 6.8 MEDIUM]

TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy username configuration that allows local attackers to crash the application. [CVSS 6.2 MEDIUM]

TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy address configuration that allows local attackers to crash the application. [CVSS 6.2 MEDIUM]

AbsoluteTelnet 11.12 contains a denial of service vulnerability in the SSH2 username input field that allows local attackers to crash the application. Attackers can overwrite the username field with a 1000-byte buffer, causing the application to become unresponsive and terminate. [CVSS 6.2 MEDIUM]

AbsoluteTelnet 11.12 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized license name. Attackers can generate a 2500-character payload and paste it into the license name field to trigger an application crash. [CVSS 6.2 MEDIUM]

AbsoluteTelnet 11.12 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized license name. Attackers can generate a 2500-character payload and paste it into the license entry field to trigger an application crash. [CVSS 6.2 MEDIUM]

Core FTP Lite 1.3 contains a buffer overflow vulnerability in the username input field that allows attackers to crash the application by supplying oversized input. [CVSS 7.5 HIGH]

SpotFTP-FTP Password Recover 2.4.8 contains a denial of service vulnerability that allows attackers to crash the application by generating a large buffer overflow. Attackers can create a text file with 1000 'Z' characters and input it as a registration code to trigger the application crash. [CVSS 7.5 HIGH]

aSc TimeTables 2020.11.4 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Subject title field with a large buffer. [CVSS 7.5 HIGH]

Core FTP LE 2.2 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the account field with a large buffer. [CVSS 7.5 HIGH]

Memory exhaustion in AdonisJS @adonisjs/bodyparser prior to versions 10.1.3 and 11.0.0-next.9 allows unauthenticated remote attackers to trigger denial of service by uploading files that cause unbounded memory accumulation during multipart parsing. The vulnerable multipart handler fails to enforce memory limits while processing file type detection, enabling attackers to exhaust server resources and crash the application. No patch is currently available for affected installations.

Enclave versions up to 2.10.1 is affected by loop with unreachable exit condition (infinite loop) (CVSS 8.8).

The Rust time library versions 0.3.6 through 0.3.46 are vulnerable to denial of service through stack exhaustion when processing maliciously crafted RFC 2822 formatted input. An unauthenticated attacker can trigger recursive parsing of deprecated RFC 2822 features to exhaust stack memory and crash applications using affected versions. A patch implementing recursion depth limits is available in version 0.3.47 and later.

Tanium addressed a denial of service vulnerability in Tanium Client. [CVSS 3.3 LOW]

Unauthenticated attackers can retrieve sensitive InfluxDB credentials from FUXA versions through 1.2.9 due to missing authentication controls, enabling direct database access. An attacker exploiting this vulnerability can read, modify, or delete all historical process data and perform denial of service attacks by corrupting the database. FUXA 1.2.10 addresses this issue, but no patch is currently available for affected versions.

Denial of service in Gogs 0.13.3 and earlier allows authenticated users to crash the application by deleting repository files before synchronization. Public exploit code exists for this vulnerability, affecting self-hosted Git service deployments. A patch is available in versions 0.13.4 and 0.14.0+dev.

MuPDF versions 1.23.0 through 1.27.0 are vulnerable to a double-free memory corruption flaw in the display list rendering function that can be triggered through crafted barcode input during exception handling. Applications using MuPDF's barcode decoding feature can crash or potentially experience heap corruption when processing specially crafted files. Public exploit code exists for this vulnerability, and a patch is available.

Address read vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 6.8 MEDIUM]

Free5GC versions up to 4.1.0 contain a denial of service vulnerability in the SMF component's ResolveNodeIdToIp function that can be exploited remotely without authentication. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected 5G network infrastructure at risk of service disruption.

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.32, there is a DoS vulnerability in ReadRSSFeedBlock. [CVSS 6.5 MEDIUM]

A truncated 802.15.4 packet can lead to an assert, resulting in a denial of service. [CVSS 6.5 MEDIUM]

In builds with PubSub and JSON enabled, a crafted JSON message can cause the decoder to write beyond a heap-allocated array before authentication, reliably crashing the process and corrupting memory.

Tanium addressed an uncontrolled resource consumption vulnerability in Connect. [CVSS 4.3 MEDIUM]

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content. [CVSS 5.3 MEDIUM]

Html contains a vulnerability that allows attackers to denial of service (DoS) if an attacker provides specially crafted HTML content (CVSS 5.3).

A path traversal in My Text Editor v1.6.2 allows attackers to cause a Denial of Service (DoS) via writing files to the internal storage. [CVSS 5.0 MEDIUM]

ProficySCADA for iOS 5.0.25920 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the password input field. [CVSS 7.5 HIGH]

Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating file open functionality. [CVSS 5.5 MEDIUM]

Odin Secure FTP Expert 7.6.3 contains a local denial of service vulnerability that allows attackers to crash the application by manipulating site information fields. [CVSS 8.4 HIGH]

ZOC Terminal 7.25.5 contains a denial of service vulnerability in the private key file input field that allows attackers to crash the application. [CVSS 7.5 HIGH]

UltraVNC Viewer 1.2.4.0 contains a denial of service vulnerability that allows attackers to crash the application by manipulating VNC Server input. Attackers can generate a malformed 256-byte payload and paste it into the VNC Server connection dialog to trigger an application crash. [CVSS 7.5 HIGH]

UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allows attackers to crash the application. Attackers can paste an overly long string of 300 characters into the Repeater Host property to trigger an application crash. [CVSS 7.5 HIGH]

UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in its password configuration properties that allows local attackers to crash the application. [CVSS 6.2 MEDIUM]

Nsauditor Product Key Explorer 4.2.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting a specially crafted registration key. [CVSS 6.2 MEDIUM]

Nsauditor 3.2.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. [CVSS 7.5 HIGH]

ZOC Terminal 7.25.5 contains a script processing vulnerability that allows local attackers to crash the application by loading a maliciously crafted REXX script file. [CVSS 6.2 MEDIUM]