CVSS: 5.6EPSS: 0%CPEs: -EXPL: 0CVE-2024-27461
https://notcve.org/view.php?id=CVE-2024-27461
Incorrect default permissions in software installer for Intel(R) MAS (GUI) may allow an authenticated user to potentially enable denial of service via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01164.html • CWE-276: Incorrect Default Permissions •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38652 – Ivanti Avalanche deleteSkin Directory Traversal Arbitrary File Deletion Vulnerability
https://notcve.org/view.php?id=CVE-2024-38652
Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-4-CVE-2024-38652-CVE-2024-38653-CVE-2024-36136-CVE-2024-37399-CVE-2024-37373 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37399 – Ivanti Avalanche WLAvalancheService Null Pointer Dereference Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-37399
A NULL pointer dereference in WLAvalancheService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WLAvalancheService service, which listens on TCP port 1777 by default. ... An attacker can leverage this vulnerability to create a denial-of-service condition on the system. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-4-CVE-2024-38652-CVE-2024-38653-CVE-2024-36136-CVE-2024-37399-CVE-2024-37373 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36136
https://notcve.org/view.php?id=CVE-2024-36136
An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-4-CVE-2024-38652-CVE-2024-38653-CVE-2024-36136-CVE-2024-37399-CVE-2024-37373 • CWE-193: Off-by-one Error •
CVSS: 6.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-7567 – Rockwell Automation Micro850/870 Vulnerable to denial-of-service Vulnerability via CIP/Modbus Port
https://notcve.org/view.php?id=CVE-2024-7567
A denial-of-service vulnerability exists via the CIP/Modbus port in the Rockwell Automation Micro850/870 (2080 -L50E/2080 -L70E). • https://https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1684.html • CWE-400: Uncontrolled Resource Consumption •