dos mitigation

A remotely exploitable flaw in BIND 9 allows a malicious client to flood a server with DNS messages over TCP and drive the process into an unstable, unavailable state — an availability-impacting denial-of-service that can leave resolvers and authoritative servers unresponsive while the attack...

A recently disclosed vulnerability, tracked as CVE-2025-49630, allows an untrusted client to trigger an assertion failure inside Apache HTTP Server’s mod_proxy_http2 module in particular reverse-proxy configurations, producing a reliable denial-of-service (DoS) condition against affected...

A denial-of-service flaw in Oracle MySQL Server’s InnoDB engine—tracked as CVE-2025-50099—was disclosed in July 2025 and affects widely deployed MySQL release lines. The vulnerability can be triggered by an attacker with high privileges and network access and may cause the server process to hang...

gRPC’s HPACK parser contains a set of parsing/accounting flaws that allow a remote, unauthenticated attacker to force excessive memory allocation, trigger pathological CPU use, and in practice cause connection termination or full denial-of-service of gRPC endpoints unless libraries and products...

PostgreSQL has released a patch for CVE-2025-12817 — a low‑scoring but operationally meaningful authorization bug in the implementation of the CREATE STATISTICS command that allows a table owner to create statistics objects in schemas without checking whether they possess the schema-level CREATE...

Microsoft has assigned CVE‑2025‑59257 to a denial‑of‑service vulnerability in the Windows Local Session Manager (LSM) that, according to vendor metadata, allows an authorized attacker to crash or otherwise deny session services over a network; the issue is described as “improper validation of...