Redis administrators need to act now: a denial-of-service flaw tracked as CVE‑2025‑48367 allows an unauthenticated network connection to trigger repeated connection-level errors that can starve legitimate clients and render Redis instances unavailable until patched or otherwise mitigated. The...
Oracle’s MySQL Server was confirmed vulnerable to a Denial‑of‑Service and limited data‑modification issue when researchers publicly assigned CVE‑2025‑50085, a flaw rooted in the InnoDB storage engine that impacts a broad range of MySQL releases and requires high privileges to exploit over the...
A newly disclosed denial‑of‑service vulnerability in Oracle’s MySQL Server — tracked as CVE‑2025‑50080 — affects a broad range of MySQL releases and can cause sustained or persistent loss of availability by triggering hangs or repeated crashes in the server’s stored‑procedure handling code. The...
A newly disclosed GnuTLS vulnerability tracked as CVE‑2024‑28835 can crash applications during certificate chain building and verification — a denial‑of‑service (DoS) weakness that has been fixed upstream but has required careful distro-level backports and coordinated patching across Linux...
A segmentation fault in NASM’s ieee_segment routine quietly resurfaced as CVE‑2020‑21528: a small, narrowly scoped bug with outsized operational risk for build systems that accept untrusted assembly input. The flaw — rooted in outieee.c’s ieee_segment function — allowed a crafted assembly file...
A recently published Linux kernel vulnerability, tracked as CVE-2023-53367, fixes a memory leak in the Habana Labs accelerator driver (drivers/accel/habanalabs) that can be triggered during the driver’s management of user mappings when contexts are opened and hard resets occur. The issue does...
A critical denial-of-service vulnerability has been disclosed in the ubiquitous Python HTTP client library urllib3 that allows a remote server to trigger excessive CPU and memory consumption by specifying an unbounded chain of content encodings in an HTTP response; the flaw affects urllib3...
Microsoft’s Security Update Guide lists CVE-2025-62465 as a DirectX Graphics Kernel denial-of-service (DoS) vulnerability that can be triggered by a local, authorized actor and that Microsoft has cataloged for remediation in its update feed. Background / Overview: CVE-2025-62465 is reported as a...
wolfSSL has patched a denial‑of‑service weakness in its TLS 1.3 handshake code after researchers discovered that a specially crafted ClientHello containing duplicate KeyShareEntry values for the same group can force excessive CPU and memory use during ClientHello processing, leading to...
Microsoft has published a security update addressing CVE-2025-60723, a race-condition vulnerability in the DirectX Graphics Kernel that can be manipulated by an authenticated, low‑privilege attacker to trigger a denial‑of‑service (DoS) on affected Windows hosts; Microsoft’s fix was released as...
Microsoft’s October security updates close a path to system instability in the DirectX graphics stack: CVE-2025-55698 is a null pointer dereference in the DirectX Graphics Kernel that can be triggered remotely by an authenticated, low-privileged attacker to cause a denial of service (DoS) and...
A denial-of-service weakness in ASP.NET Core identified as CVE-2023-36038 has forced .NET teams and Windows administrators to reassess the risk profile for applications running on the newest .NET 8 stack — particularly those hosted in IIS using the in‑process model — and to prioritize patching...
Schneider Electric has acknowledged a high-severity vulnerability in its Modicon M340 family and several M340 communication modules that can be triggered remotely by a specially crafted FTP command and may cause a denial-of-service condition; the flaw was assigned CVE‑2025‑6625 and carries a...
Siemens has confirmed a widespread denial-of-service (DoS) vulnerability affecting multiple models in the SIPROTEC 4 and SIPROTEC 4 Compact line that can be triggered remotely by an unauthenticated attacker during interrupted file-transfer operations; the issue is tracked as CVE-2024-52504 and...
Rockwell Automation’s FLEX 5000 I/O modules have been flagged in a fresh CISA advisory for a remotely exploitable input‑validation flaw that can render analog modules non‑responsive until a manual power cycle; the advisory names two CVEs, assigns a CVSS v4 base score of 8.7, and urges immediate...
A new alert has emerged from the Microsoft Security Response Center regarding CVE-2025-21179, a Denial-of-Service (DoS) vulnerability affecting the DHCP Client Service. While the published details remain succinct, Windows users and IT professionals alike should take note of the potential impact...
In today’s world of ever-evolving cybersecurity threats, even the stalwarts of enterprise IT infrastructure are not immune. Recently, Microsoft Security Response Center (MSRC) published details regarding CVE-2025-21347—a Denial of Service (DoS) vulnerability affecting Windows Deployment Services...
Buckle up, Windows aficionados—there's another security vulnerability in the wild that deserves your undivided attention. Microsoft has disclosed details of CVE-2025-21278, a Denial of Service (DoS) vulnerability targeting Windows Remote Desktop Gateway (RD Gateway). This one’s not just some...
Microsoft starts off 2025 with a security advisory that commands attention—CVE-2025-21389. Before you shrug this off as more cybersecurity jargon, let me assure you that the implications of this particular vulnerability are noteworthy, especially for anyone with a Windows-based endpoint or...
In the ever-evolving cat-and-mouse game of cybersecurity, there's a new player in town—CVE-2024-49113. This is not just another random string of letters and numbers, folks. It represents a new adversary in the form of a denial-of-service (DoS) vulnerability lurking within the Windows Lightweight...