CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-1975 – SIG(0) can be used to exhaust CPU resources
https://notcve.org/view.php?id=CVE-2024-1975
This issue can lead to a denial of service. • http://www.openwall.com/lists/oss-security/2024/07/23/1 https://kb.isc.org/docs/cve-2024-1975 http://www.openwall.com/lists/oss-security/2024/07/31/2 https://access.redhat.com/security/cve/CVE-2024-1975 https://bugzilla.redhat.com/show_bug.cgi?id=2298901 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-1737 – BIND's database will be slow if a very large number of RRs exist at the same name
https://notcve.org/view.php?id=CVE-2024-1737
This vulnerability may lead to a denial of service. • http://www.openwall.com/lists/oss-security/2024/07/23/1 https://kb.isc.org/docs/cve-2024-1737 https://kb.isc.org/docs/rrset-limits-in-zones http://www.openwall.com/lists/oss-security/2024/07/31/2 https://access.redhat.com/security/cve/CVE-2024-1737 https://bugzilla.redhat.com/show_bug.cgi?id=2298893 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41836 – Adobe Indesign 2024 GIF File Parsing Null Pointer Dereference
https://notcve.org/view.php?id=CVE-2024-41836
InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a denial of service condition. ... Las versiones ID18.5.2, ID19.3 y anteriores de InDesign Desktop se ven afectadas por una vulnerabilidad de desreferencia de puntero nulo que podría provocar una denegación de servicio (DoS) de la aplicación. • https://helpx.adobe.com/security/products/indesign/apsb24-48.html • CWE-476: NULL Pointer Dereference •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-39702
https://notcve.org/view.php?id=CVE-2024-39702
In lj_str_hash.c in OpenResty 1.19.3.1 through 1.25.3.1, the string hashing function (used during string interning) allows HashDoS (Hash Denial of Service) attacks. An attacker could cause excessive resource usage during proxy operations via crafted requests, potentially leading to a denial of service with relatively few incoming requests. • https://openresty.org/en/ann-1025003002.html •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-40634 – Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint
https://notcve.org/view.php?id=CVE-2024-40634
This report details a security vulnerability in Argo CD, where an unauthenticated attacker can send a specially crafted large JSON payload to the /api/webhook endpoint, causing excessive memory allocation that leads to service disruption by triggering an Out Of Memory (OOM) kill. ... This flaw allows an unauthenticated attacker to send a specially crafted large JSON payload to the /api/webhook endpoint, causing excessive memory allocation leading to service disruption by triggering an out-of-memory (OOM) kill. • https://github.com/argoproj/argo-cd/commit/46c0c0b64deaab1ece70cb701030b76668ad0cdc https://github.com/argoproj/argo-cd/commit/540e3a57b90eb3655db54793332fac86bcc38b36 https://github.com/argoproj/argo-cd/commit/d881ee78949e23160a0b280bb159e4d3d625a4df https://github.com/argoproj/argo-cd/security/advisories/GHSA-jmvp-698c-4x3w https://access.redhat.com/security/cve/CVE-2024-40634 https://bugzilla.redhat.com/show_bug.cgi?id=2299473 • CWE-400: Uncontrolled Resource Consumption •