Denial of Service
Denial of Service attacks render applications or systems unavailable by overwhelming resources or triggering failure conditions.
How It Works
Attackers exploit asymmetry: minimal attacker effort produces disproportionate resource consumption on the target. Application-level attacks use specially crafted inputs that trigger expensive operations: a regex engine can backtrack exponentially on a crafted input, or an XML parser can recursively expand entities until memory is exhausted. Network-level attacks flood targets with connection requests or amplify traffic through reflection, but application vulnerabilities often provide the most efficient attack surface.
The attack typically begins with reconnaissance to identify resource-intensive operations or unprotected endpoints. For algorithmic complexity attacks, adversaries craft inputs that hit worst-case performance: keys chosen to collide in a hash table, deeply nested JSON that triggers recursive parsing, or pathological regex patterns like (a+)+b run against strings of repeated 'a' characters. Resource exhaustion attacks open thousands of connections, upload massive files to unbounded storage, or trigger memory leaks through repeated operations. Crash-based attacks target error handling gaps: null pointer dereferences, unhandled exceptions in parsers, or assertion failures that terminate processes.
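The exponential growth described above can be counted directly. This added example (not part of the original page) models by hand how a backtracking matcher explores (a+)+b and counts character comparisons; the function names and the step-counting model are assumptions for illustration, not the internals of any particular regex engine.

```python
"""Step-count model of backtracking on ^(a+)+b versus the equivalent ^a+b."""


def steps_nested(s):
    """Match ^(a+)+b against s as a backtracking engine would.

    Returns (matched, number of character comparisons performed).
    """
    steps = 0

    def one_group(i):
        nonlocal steps
        # Greedy a+: consume as many 'a' characters as possible from i.
        j = i
        while j < len(s):
            steps += 1
            if s[j] != "a":
                break
            j += 1
        # Backtrack: give back one 'a' at a time. For every candidate split,
        # first try another (a+) iteration, then try the trailing 'b'.
        for end in range(j, i, -1):
            if end < len(s) and one_group(end):
                return True
            steps += 1
            if end < len(s) and s[end] == "b":
                return True
        return False

    return one_group(0), steps


def steps_flat(s):
    """Match ^a+b, which accepts the same strings with a single quantifier."""
    steps = 0
    j = 0
    while j < len(s):
        steps += 1
        if s[j] != "a":
            break
        j += 1
    # Only one quantifier can give characters back, so backtracking is linear.
    for end in range(j, 0, -1):
        steps += 1
        if end < len(s) and s[end] == "b":
            return True, steps
    return False, steps


def growth_table(sizes):
    """Comparisons needed to reject 'a' * n for each n: (n, nested, flat)."""
    return [(n, steps_nested("a" * n)[1], steps_flat("a" * n)[1]) for n in sizes]


if __name__ == "__main__":
    for n, nested, flat in growth_table(range(4, 21, 4)):
        print(f"n={n:2d}  (a+)+b: {nested:>9,d} steps   a+b: {flat:>3d} steps")
```

Each extra 'a' in a non-matching input doubles the work for the nested quantifier, while the flattened pattern stays proportional to the input length; a matching input is cheap for both, which is why such patterns pass ordinary functional tests.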
Impact
- Service unavailability preventing legitimate users from accessing applications during attack duration
- Revenue loss from downtime in e-commerce, SaaS platforms, or transaction processing systems
- Cascading failures as resource exhaustion spreads to dependent services or database connection pools run out
- SLA violations triggering financial penalties and damaging customer trust
- Security team distraction providing cover for data exfiltration or intrusion attempts running concurrently
Real-World Examples
CVE-2018-1000544 in Ruby's WEBrick server allowed ReDoS through malicious HTTP headers containing specially crafted patterns that caused the regex engine to backtrack exponentially, freezing request processing threads. A single attacker could saturate all available workers.
Cloudflare experienced a global outage in 2019 when a single WAF rule containing an unoptimized regex hit pathological cases on legitimate traffic spikes. The .*(?:.*=.*)* pattern exhibited catastrophic backtracking, consuming CPU cycles across their edge network until the rule was disabled.
CVE-2013-1664 demonstrated XML bomb vulnerabilities in Python's XML libraries. Attackers uploaded XML documents with nested entity definitions, each entity expanding to ten copies of the previous level. A 1KB upload could expand to gigabytes in memory during parsing, crashing applications instantly.
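A defensive pre-parse check for the nested-entity case above, added here as an illustration and not taken from the original page or from any library: it computes how large a document would become after entity expansion without expanding anything. The sample document is constructed, and the function names and limits (`max_expanded`, `max_ratio`) are assumptions.

```python
import re

# Internal general entities only: <!ENTITY name "value"> or <!ENTITY name 'value'>.
ENTITY_DECL = re.compile(r"""<!ENTITY\s+([\w.-]+)\s+(?:"([^"]*)"|'([^']*)')\s*>""")
ENTITY_REF = re.compile(r"&([\w.-]+);")
PREDEFINED = {"lt", "gt", "amp", "apos", "quot"}  # each expands to one character


class EntityPolicyError(ValueError):
    """Raised for entity structures that must never reach a parser."""


def entity_sizes(doc):
    """Return {entity name: fully expanded length}, computed arithmetically."""
    decls = {}
    for name, dq, sq in ENTITY_DECL.findall(doc):
        decls.setdefault(name, dq or sq)  # XML binds the first declaration of a name
    sizes = {}

    def size_of(name, active):
        if name in PREDEFINED:
            return 1
        if name not in decls:
            return len(name) + 2  # undeclared reference: count its literal text
        if name in active:
            raise EntityPolicyError(f"recursive entity reference: {name}")
        if name not in sizes:
            value = decls[name]
            literal = len(ENTITY_REF.sub("", value))
            refs = ENTITY_REF.findall(value)
            sizes[name] = literal + sum(size_of(r, active | {name}) for r in refs)
        return sizes[name]

    for name in decls:
        size_of(name, frozenset())
    return sizes


def expanded_document_size(doc):
    """Length of the document body after every entity reference is expanded."""
    sizes = entity_sizes(doc)
    # Approximation: the body is whatever follows the internal DTD subset.
    body = doc.split("]>", 1)[-1] if "<!DOCTYPE" in doc else doc
    total = len(ENTITY_REF.sub("", body))
    for name in ENTITY_REF.findall(body):
        total += 1 if name in PREDEFINED else sizes.get(name, len(name) + 2)
    return total


def check_xml_upload(doc, max_expanded=1_000_000, max_ratio=100):
    """Return (accepted, reason) before the document is handed to a parser."""
    try:
        expanded = expanded_document_size(doc)
    except EntityPolicyError as exc:
        return False, str(exc)
    if expanded > max_expanded:
        return False, f"expands to {expanded:,d} characters"
    if expanded > max_ratio * max(len(doc), 1):
        return False, f"expansion ratio above {max_ratio}x"
    return True, "ok"


def build_nested_sample(levels=9, fanout=10):
    """Constructed sample: each entity is `fanout` copies of the previous one."""
    lines = ['<?xml version="1.0"?>', "<!DOCTYPE lolz [", '<!ENTITY lol0 "lol">']
    for n in range(1, levels + 1):
        lines.append(f'<!ENTITY lol{n} "{f"&lol{n - 1};" * fanout}">')
    lines += ["]>", f"<lolz>&lol{levels};</lolz>"]
    return "\n".join(lines)


if __name__ == "__main__":
    sample = build_nested_sample()
    print(len(sample), "characters on the wire ->", check_xml_upload(sample))
```

In production the simpler control is a parser configuration that refuses DTDs or entity declarations outright, as the defusedxml package does; a size estimate like this is useful where entities must be allowed.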
Mitigation
- Strict input validation enforcing size limits, complexity bounds, and nesting depth restrictions before processing
- Request rate limiting per IP address, API key, or user session with exponential backoff
- Timeout enforcement terminating operations exceeding reasonable execution windows (typically 1-5 seconds)
- Resource quotas limiting memory allocation, CPU time, and connection counts per request or tenant
- Regex complexity analysis using linear-time algorithms or sanitizing patterns to eliminate backtracking
- Circuit breakers automatically rejecting requests when error rates or latency thresholds indicate degradation
- Load balancing and autoscaling distributing traffic across instances with automatic capacity expansion
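One way to apply the size and nesting-depth limits from the list above before a JSON parser sees the input, given as an added example rather than code from the original page; the limits and the names (`parse_untrusted_json`, `InputRejected`, `is_accepted`) are assumptions.

```python
import json


class InputRejected(ValueError):
    """Raised when a payload breaks a limit; the reason is safe to log."""


def nesting_depth(text, limit):
    """Return the deepest [ / { nesting in JSON text using one linear pass.

    Raises as soon as the depth exceeds `limit`, so the cost is bounded by
    the input length and no recursion is involved.
    """
    depth = deepest = 0
    in_string = escaped = False
    for ch in text:
        if in_string:
            # Brackets inside string values are data, not structure.
            if escaped:
                escaped = False
            elif ch == "\\":
                escaped = True
            elif ch == '"':
                in_string = False
        elif ch == '"':
            in_string = True
        elif ch in "[{":
            depth += 1
            if depth > limit:
                raise InputRejected(f"nesting deeper than {limit} levels")
            deepest = max(deepest, depth)
        elif ch in "]}":
            depth = max(depth - 1, 0)
    return deepest


def parse_untrusted_json(raw, max_bytes=64 * 1024, max_depth=32):
    """Check size, encoding and depth, in that order, then parse."""
    if len(raw) > max_bytes:
        raise InputRejected(f"payload larger than {max_bytes} bytes")
    try:
        text = raw.decode("utf-8")
    except UnicodeDecodeError as exc:
        raise InputRejected("payload is not valid UTF-8") from exc
    nesting_depth(text, max_depth)
    try:
        return json.loads(text)
    except json.JSONDecodeError as exc:
        raise InputRejected(f"malformed JSON: {exc.msg}") from exc


def is_accepted(raw, **limits):
    """Convenience wrapper: True if the payload passes every check."""
    try:
        parse_untrusted_json(raw, **limits)
    except InputRejected:
        return False
    return True


if __name__ == "__main__":
    # Constructed inputs: one ordinary document, one deeply nested array.
    print(is_accepted(b'{"user": {"tags": ["a", "b"]}}'))
    print(is_accepted(b"[" * 50_000 + b"]" * 50_000, max_bytes=200_000))
```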
Recent CVEs (5446)
SQL injection in Fleet device management software before version 4.80.1 allows authenticated users to manipulate the order_key parameter and inject arbitrary SQL commands through improper identifier handling in ORDER BY clauses. An attacker with valid credentials can exploit this vulnerability to perform blind SQL injection attacks, potentially extracting sensitive database information or causing denial of service through resource exhaustion. No patch is currently available for this high-severity vulnerability affecting MySQL implementations.
Vikunja before version 2.0.0 contains a path traversal vulnerability in its backup restoration function that fails to validate file paths in ZIP archives, allowing attackers with high privileges to write arbitrary files to the host system. Public exploit code exists for this vulnerability, and malformed archives can trigger a denial of service that permanently wipes the database before crashing the application. The flaw affects Vikunja and the underlying Go platform, with no patch currently available.
Buffer overflow in parallel HNSW index build: pgvector versions 0.6.0 up to 0.8.1 are affected by integer underflow (CVSS 8.1).
GitLab versions up to 18.7.5 are affected by allocation of resources without limits or throttling (CVSS 6.5).
Denial of service in FreeRDP prior to version 3.23.0 allows a malicious RDP server to crash the client application through a missing bounds check in smartcard packet handling. This vulnerability affects users who have explicitly enabled smartcard redirection, and public exploit code exists. The crash is triggered via assertion failure in builds with verbose assert checking enabled, which is the default configuration in FreeRDP 3.22.0.
GitLab versions up to 18.9.0 are affected by allocation of resources without limits or throttling (CVSS 5.3).
GitLab versions up to 18.7.5 are affected by allocation of resources without limits or throttling (CVSS 7.5).
GitLab versions up to 18.7.5 are affected by inefficient regular expression complexity (ReDoS) (CVSS 7.5).
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted files to the container registry event endpoint under certain conditions. [CVSS 7.5 HIGH]
Local denial of service in Windows CLFS.sys driver allows unprivileged users to crash the system through improper handling of special elements. Affected versions include Windows 11 2024 LTSC and Windows Server 2025 prior to the September 2025 cumulative update, while Windows 25H2 and later contain the patch. No public exploit code is currently available, and the vulnerability carries a CVSS score of 5.5 with zero estimated probability of exploitation.
FreeRDP is a free implementation of the Remote Desktop Protocol. [CVSS 4.3 MEDIUM]
Device reload in Cisco APIC's Object Model CLI component allows authenticated local users to trigger a denial of service through insufficient input validation on crafted commands. An attacker with valid credentials and CLI access can exploit this vulnerability to crash the affected device, though no patch is currently available. This vulnerability affects systems where attackers can obtain legitimate user credentials with appropriate role permissions.
Cisco Nexus 3600 and 9500-R switches are vulnerable to Layer 2 traffic loops when processing maliciously crafted EVPN frames, allowing unauthenticated adjacent attackers to trigger a denial of service condition by overwhelming network bandwidth. An attacker can exploit this logic error in Layer 2 ingress packet processing by sending crafted Ethernet frames, causing VxLAN traffic loops that drop all data plane traffic. No patch is currently available for this vulnerability.
Improper SNMP request parsing in Cisco Nexus 9000 Series switches running ACI mode allows authenticated remote attackers to trigger kernel panics and device reloads by sending specially crafted queries to specific MIBs. An attacker with valid SNMP read-only community credentials can exploit this vulnerability across SNMP versions 1, 2c, and 3 to achieve denial of service. No patch is currently available for this vulnerability.
Cisco Nexus 9000 Series Fabric Switches in ACI mode contains a vulnerability that allows attackers to cause the device to reload unexpectedly, resulting in a DoS condition (CVSS 7.4).
Cisco NX-OS devices can be forced to reload through a crafted LLDP packet sent by an adjacent, unauthenticated attacker, causing a denial of service condition. The vulnerability stems from improper frame field validation in the LLDP process, exploitable only from directly connected network segments. No patch is currently available for affected systems.
Improper Resource Shutdown or Release vulnerability in KrakenD, SLU KrakenD-CE (CircuitBreaker modules), KrakenD, SLU KrakenD-EE (CircuitBreaker modules). This issue affects KrakenD-CE: before 2.13.1; KrakenD-EE: before 2.12.5.
Wireshark versions 4.4.0-4.4.13 and 4.6.0-4.6.3 crash when processing malformed RF4CE Profile protocol packets, enabling local denial of service attacks through user interaction. An attacker can trigger an out-of-bounds read by supplying a specially crafted packet file to a target user, causing the application to become unavailable. No patch is currently available for this vulnerability.
NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service [CVSS 4.7 MEDIUM]
Wireshark 4.6.0-4.6.3 and 4.4.0-4.4.13 can be crashed through memory exhaustion in the USB HID protocol dissector when processing malformed packets. A local attacker with the ability to trigger packet analysis can cause a denial of service condition, and public exploit code exists for this vulnerability. No patch is currently available.
Zae-Limiter versions up to 0.10.1 are affected by allocation of resources without limits or throttling (CVSS 4.3).
iccDEV provides a set of libraries and tools for working with ICC color management profiles. [CVSS 7.1 HIGH]
iccDEV provides a set of libraries and tools for working with ICC color management profiles. [CVSS 6.2 MEDIUM]
Denial of Service in Red Hat Developer Hub's Orchestrator Plugin allows authenticated users to crash the entire Backstage application through malformed GraphQL queries due to insufficient input validation. An attacker can leverage this to temporarily disable platform access for all legitimate users. No patch is currently available to address this vulnerability.
SQL injection in the SPIP interface_traduction_objets plugin before version 2.2.2 allows authenticated editors to execute arbitrary database queries through unsanitized input in translation request parameters. Attackers can exploit this to read, modify, or delete database contents, or cause denial of service. A patch is available and should be applied immediately to affected installations.
Wasmtime's HTTP header handling in the wasmtime-wasi-http crate crashes when processing excessive header fields, allowing remote attackers to trigger denial of service against applications embedding Wasmtime. The vulnerability affects versions prior to 24.0.6, 36.0.6, 40.0.4, 41.0.4, and 42.0.0, and has been patched to return a controlled trap instead of panicking. Embedders should update immediately to mitigate this DoS vector.
Uncontrolled resource allocation in Wasmtime's WASI host interfaces allows authenticated guests to trigger denial of service on the host system by exhausting resources without proper limits. Affected versions prior to 24.0.6, 36.0.6, 40.0.4, 41.0.4, and 42.0.0 require explicit configuration to mitigate this issue, though Wasmtime 42.0.0 and later provide secure defaults. No patch is currently available for older versions, and resource exhaustion protections must be manually enabled.
Fiber web framework versions 2 and 3 are vulnerable to denial of service attacks when processing requests to routes containing more than 30 parameters, enabling remote attackers to crash affected applications without authentication. The vulnerability stems from insufficient validation during route registration and unbounded array writes in request matching logic. Public exploit code exists for this high-severity flaw, though patches are available in Fiber v2.52.12 and v3.1.0.
Unauthenticated attackers can bypass FASP administrator approval in Mastodon 4.4.0-4.4.13 and 4.5.0-4.5.6 to subscribe to account events and request content backfill, affecting only servers with the experimental FASP feature enabled. While individual requests cause minor information disclosure of publicly available URIs, repeated exploitation enables denial-of-service attacks. A patch is available to address this authorization bypass.
Insecure .NET Remoting deserialization in Altec DocLink (Beyond Limits) 4.0.336.0. Exposed TCP endpoints allow unauthenticated remote code execution via .NET Remoting deserialization attacks.
SonicOS firewalls are vulnerable to a post-authentication out-of-bounds read that permits authenticated remote attackers to trigger a denial-of-service condition by crashing the device. The medium-severity vulnerability requires high-level privileges and has no available patch, leaving affected deployments potentially exposed until remediation is released.
SonicOS firewalls are vulnerable to denial-of-service attacks when an authenticated remote attacker triggers a null pointer dereference, causing the device to crash. This post-authentication flaw affects firewall availability but requires valid credentials to exploit. No patch is currently available.
SonicOS firewalls are vulnerable to a post-authentication format string vulnerability that permits authenticated remote attackers to trigger a denial of service condition and crash the affected device. The attack requires valid credentials but can be executed over the network without user interaction. No patch is currently available for this vulnerability.
X5000R Firmware versions up to 9.1.0cu.2415_b20250515 are affected by uncontrolled resource consumption (CVSS 7.5).
IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame. Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. [CVSS 7.5 HIGH]
ImageMagick versions prior to 7.1.2-15 and 6.9.13-40 are vulnerable to denial of service through a use-after-free flaw in the MSL interpreter when processing malformed map elements. An unauthenticated attacker can trigger a crash by crafting a specially formatted image file, disrupting service availability. No patch is currently available, leaving affected systems vulnerable.
ImageMagick versions up to 7.1.2-15 are affected by a loop with unreachable exit condition (infinite loop) (CVSS 6.2).
ImageMagick versions prior to 7.1.2-15 and 6.9.13-40 are vulnerable to denial of service when processing maliciously crafted image profiles containing invalid IPTC data, which triggers an infinite loop during IPTCTEXT writing operations. An attacker can exploit this by supplying a specially crafted image file to cause the application to hang or consume excessive resources. No patch is currently available for affected systems.
ImageMagick versions prior to 7.1.2-15 and 6.9.13-40 are vulnerable to denial of service when processing maliciously crafted SVG files due to an off-by-one error in boundary validation. An unauthenticated remote attacker can trigger an integer underflow by bypassing the flawed size check, causing the application to crash or become unresponsive. No patch is currently available for affected deployments.
ImageMagick versions prior to 7.1.2-15 and 6.9.13-40 contain a memory leak in the MSL parser where improper stack index management causes images to remain allocated after error conditions. An attacker could trigger this vulnerability by supplying a specially crafted image file, potentially leading to denial of service through resource exhaustion. No patch is currently available for affected systems.
ImageMagick is free and open-source software used for editing and manipulating digital images. [CVSS 5.3 MEDIUM]
ImageMagick versions up to 7.1.2-15 are affected by allocation of resources without limits or throttling (CVSS 7.5).
Medium severity vulnerability in ImageMagick. A heap out-of-bounds read vulnerability exists in the `coders/dcm.c` module. When processing DICOM files with a specific configuration, the decoder loop incorrectly reads bytes per iteration. This causes the function to read past the end of the allocated buffer, potentially leading to a Denial of Service (crash) or Information Disclosure (leaking heap memory into the image).
A signed integer overflow vulnerability in ImageMagick's SIXEL decoder allows an attacker to trigger memory corruption and denial of service when processing a maliciously crafted SIXEL image file. The vulnerability occurs during buffer reallocation operations where pointer arithmetic using signed 32-bit integers overflows.
```
AddressSanitizer:DEADLYSIGNAL
=================================================================
==143838==ERROR: AddressSanitizer: UNKNOWN SIGNAL on unknown address 0x000000000000
    #0 0x7f379d5adb53 (/lib/x86_64-linux-gnu/libc.so.6+0xc4b53)
```
ImageMagick versions prior to 7.1.2-15 contain a memory leak in the ASHLAR image coder where allocated memory fails to release upon exception handling, potentially causing denial of service through resource exhaustion on affected systems. An unauthenticated remote attacker can trigger this condition by processing specially crafted ASHLAR image files. No patch is currently available.
Stack-based buffer overflow in ImageMagick versions before 7.1.2-15 allows remote attackers to crash the application and potentially corrupt memory by submitting specially crafted FTXT image files. The vulnerability requires high complexity to exploit but impacts both confidentiality and availability of affected systems. No patch is currently available for this HIGH severity issue (CVSS 7.4).
ImageMagick's UIL and XPM image encoders fail to validate pixel index values before using them as array subscripts, allowing an attacker to craft malicious images that trigger out-of-bounds reads in HDRI builds. Exploitation can result in information disclosure or denial of service through process crashes. Versions prior to 7.1.2-15 and 6.9.13-40 are affected, and no patch is currently available.
Memory exhaustion denial of service in Astro 9.0.0 through 9.5.3 allows remote attackers to crash server processes by sending oversized POST requests to server action endpoints without size restrictions. The framework buffers entire request bodies into memory with no limits, enabling a single large request to exhaust heap memory on affected deployments. Public exploit code exists for this vulnerability, which is particularly impactful in containerized environments where repeated crashes trigger persistent restart loops.
Integer overflow in ImageMagick's UHDR image decoder allows remote attackers to trigger heap buffer overflows by supplying specially crafted images with large dimensions, potentially crashing the application or corrupting heap memory. The vulnerability affects ImageMagick versions prior to 7.1.2-15 and requires no user interaction or authentication to exploit. Organizations using vulnerable versions should upgrade immediately, as no workaround is available.
ImageMagick versions prior to 7.1.2-15 and 6.9.13-40 contain a memory leak in the MSL image coder that allows unauthenticated remote attackers to cause denial of service through resource exhaustion when processing specially crafted MSL image files. The vulnerability exists because the WriteMSLImage function fails to release allocated memory during early function returns. An attacker can exploit this over the network without authentication to exhaust server memory and crash the application.
Denial of service in New API's `/api/token/search` endpoint allows authenticated users to exhaust database resources through SQL wildcard injection in unescaped search parameters. An attacker can craft malicious search patterns that trigger expensive queries, causing service unavailability. Public exploit code exists for this medium-severity vulnerability affecting versions prior to 0.10.8-alpha.10.
ImageMagick is free and open-source software used for editing and manipulating digital images. [CVSS 7.5 HIGH]
ImageMagick and Magick.NET fail to properly validate nested MVG-to-SVG conversions, allowing unauthenticated remote attackers to trigger denial of service conditions. Affected versions prior to 7.1.2-15 and 6.9.13-40 are vulnerable to resource exhaustion attacks through specially crafted image files. A patch is available for both products.
free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th generation (5G) mobile core networks. Versions up to and including 1.4.1 have a NULL Pointer Dereference vulnerability. [CVSS 7.5 HIGH]
free5GC is an open-source project for 5th generation (5G) mobile core networks. Versions up to and including 1.4.1 of free5GC's AMF service have a Buffer Overflow vulnerability leading to Denial of Service. [CVSS 7.5 HIGH]
free5GC go-upf is the User Plane Function (UPF) implementation for 5G networks that is part of the free5GC project. Versions prior to 1.2.8 have a Heap-based Buffer Overflow (CWE-122) vulnerability leading to Denial of Service. [CVSS 7.5 HIGH]
free5GC is an open-source project for 5th generation (5G) mobile core networks. free5GC go-upf versions up to and including 1.2.6, corresponding to free5gc smf up to and including 1.4.0, have an Improper Input Validation and Protocol Compliance vulnerability leading to Denial of Service. [CVSS 7.5 HIGH]
Argument injection in TOTOLINK X5000R router v9.1.0cu via setDiagnosisCfg handler allows unauthenticated remote code execution. EPSS 2.0% with PoC available.
Out-of-bounds read in Valkey clusterbus port processing allows network-adjacent attackers to crash affected systems by sending specially crafted packets that bypass buffer validation checks. This vulnerability affects Valkey versions prior to 9.0.2, 8.1.6, 8.0.7, and 7.2.12, impacting any deployment exposing the clusterbus port to untrusted networks. Patches are available and administrators should restrict clusterbus access with network ACLs as an immediate mitigation.
saitoha libsixel until v1.8.7 was discovered to contain a memory leak via the component malloc_stub.c. [CVSS 4.0 MEDIUM]
A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. [CVSS 7.2 HIGH]
Student Result Management System versions up to 1.0 are affected by improper resource shutdown or release (CVSS 6.5).
The deleteBackup function in Dst Admin up to version 1.5.0 contains an improper resource handling flaw that permits authenticated remote attackers to trigger denial of service conditions. Public exploit code is available for this vulnerability, and the vendor has not provided a patch despite early notification. The attack requires valid credentials but no user interaction, making it actionable in environments where access controls are weak.
Web Ofisi Rent a Car v3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'klima' parameter. [CVSS 8.2 HIGH]
SQL injection in Web Ofisi Emlak v2. PoC available.
NoviSmart CMS contains an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the Referer HTTP header field. [CVSS 8.2 HIGH]
A vulnerability was determined in libvips up to 8.19.0. The affected element is the function vips_source_read_to_memory of the file libvips/iofuncs/source.c. [CVSS 2.5 LOW]
A security vulnerability has been detected in aardappel lobster up to 2025.4. This impacts the function lobster::TypeName in the library dev/src/lobster/idents.h. [CVSS 3.3 LOW]
OpenClaw versions 2026.2.17 and earlier fail to enforce payload size limits in the ACP bridge, allowing local clients to trigger denial of service through excessively large prompt inputs that consume system resources. This vulnerability primarily impacts IDE integrations and other local ACP clients that may inadvertently send oversized text blocks. The issue has been patched in version 2026.2.19.
BigBlueButton versions 3.0.21 and below allow remote denial of service when ClamAV is configured following official documentation, as the exposed clamd ports (3310, 7357) can be targeted by attackers to send malicious documents that exhaust server resources or crash the scanning service. This vulnerability affects Ubuntu and Docker deployments since standard firewall rules do not restrict container traffic, and public exploit code exists. An unauthenticated remote attacker requires only network access to trigger the denial of service condition.
Prototype pollution in Swiper versions 6.5.1 through 12.1.1 allows local authenticated attackers to manipulate Object.prototype through improperly validated user input, enabling authentication bypass, denial of service, and remote code execution. Public exploit code exists for this vulnerability, which affects applications on Linux and Windows using Node.js or Bun runtimes. A patch is available and should be applied immediately to affected systems processing untrusted input.
eBay API MCP Server's ebay_set_user_tokens tool fails to validate environment variable inputs in the updateEnvFile function, allowing authenticated attackers to inject arbitrary variables into the .env configuration file. An attacker with login credentials can exploit this to overwrite existing configurations, trigger denial of service conditions, or achieve remote code execution through malicious environment variable injection. No patch is currently available for this vulnerability affecting all versions of the AI/ML product.
Foscam Video Management System 1.1.6.6 contains a buffer overflow vulnerability in the UID field that allows local attackers to crash the application by supplying an excessively long string. [CVSS 6.2 MEDIUM]
SpotAuditor 5.3.1.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting excessive data in the registration name field. [CVSS 7.5 HIGH]
An integer underflow vulnerability is present in Silicon Labs' implementation of PSA Crypto and SE Manager EC-JPAKE APIs during ZKP parsing. Triggering the underflow can lead to a hard fault, causing a temporary denial of service.
Versions of the package bn.js up to 5.2.3 are affected by a loop with unreachable exit condition (infinite loop) (CVSS 5.3).
Minimatch versions 10.2.0 and below suffer from catastrophic backtracking in regular expression processing when glob patterns contain multiple consecutive wildcards, enabling denial of service attacks with exponential time complexity. Applications that process user-supplied glob patterns are vulnerable to CPU exhaustion, with worst-case scenarios causing indefinite hangs; public exploit code exists for this vulnerability. The issue is resolved in version 10.2.1.
Calibre versions 9.2.1 and below allow authenticated users to write arbitrary files with any extension to any writable location via path traversal in PDB file readers, potentially enabling code execution or system compromise through file overwriting. The vulnerability affects both 132-byte and 202-byte PDB header variants and silently overwrites existing files without warning. Public exploit code exists and patches are available in version 9.3.0 and later.
OpenClaw versions prior to 2026.2.15 expose Telegram bot tokens in error messages and logs without redaction, allowing attackers who gain access to these logs to impersonate the bot and hijack its API access. This credential disclosure affects users of the AI assistant across systems where logs, crash reports, or support bundles are generated. Users must upgrade to version 2026.2.15 and rotate exposed Telegram bot tokens immediately.
Geth versions prior to 1.16.9 can be remotely crashed by sending a specially crafted message over the network, allowing unauthenticated attackers to cause denial of service against Ethereum nodes. This vulnerability in Go Ethereum's message handling requires no user interaction and affects the availability of affected nodes. Patched versions 1.16.9 and 1.17.0 are available to remediate this issue.
Buffer overflow in ovpn‑dco‑win version 2.8.0 allows local attackers to cause a system crash by sending packets that are too large to the remote peer when the AEAD tag appears at the end of the encrypted packet.
NanaZip versions up to 6.0.1630.0 are affected by a loop with unreachable exit condition (infinite loop) (CVSS 7.5).
Denial-of-service in Stalwart Mail Server versions 0.13.0 through 0.15.4 allows authenticated users to crash the server by sending a specially crafted email with malformed nested MIME parts through IMAP or JMAP, triggering infinite loops and resource exhaustion. The vulnerability requires valid credentials to exploit and public exploit code exists, but no patch is currently available for affected versions.
NanaZip versions 5.0.1252.0 through 6.0.1629.0 contain an out-of-bounds heap read in the .NET Single File bundle parser that can crash the application or expose sensitive heap memory when processing malicious archive files. A local attacker with user privileges can exploit this vulnerability by crafting a specially formatted file, and public exploit code is currently available. No patch is yet available for affected users.