CVE-2024-41131 – Out-of-bounds Write in SixLabors ImageSharp
https://notcve.org/view.php?id=CVE-2024-41131
This can potentially lead to denial of service. • https://github.com/SixLabors/ImageSharp/commit/9dda64a8186af67baf06b6d9c1ab599c3608b693 https://github.com/SixLabors/ImageSharp/commit/a1f287977139109a987065643b8172c748abdadb https://github.com/SixLabors/ImageSharp/pull/2754 https://github.com/SixLabors/ImageSharp/pull/2756 https://github.com/SixLabors/ImageSharp/security/advisories/GHSA-63p8-c4ww-9cg7 • CWE-787: Out-of-bounds Write •
CVE-2024-38435 – Unitronics Vision PLC - CWE-703: Improper Check or Handling of Exceptional Conditions
https://notcve.org/view.php?id=CVE-2024-38435
Unitronics Vision PLC – CWE-703: Improper Check or Handling of Exceptional Conditions may allow denial of service • https://www.gov.il/en/Departments/faq/cve_advisories • CWE-703: Improper Check or Handling of Exceptional Conditions •
CVE-2024-32007 – Apache CXF Denial of Service vulnerability in JOSE
https://notcve.org/view.php?id=CVE-2024-32007
An improper input validation of the p2c parameter in the Apache CXF JOSE code before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token. • https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633 https://access.redhat.com/security/cve/CVE-2024-32007 https://bugzilla.redhat.com/show_bug.cgi?id=2298828 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVE-2024-41492
https://notcve.org/view.php?id=CVE-2024-41492
A stack overflow in Tenda AX1806 v1.0.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input. • https://gist.github.com/Swind1er/4176fdc25e415296904c9fb19e2f8293 • CWE-121: Stack-based Buffer Overflow •
CVE-2024-35199 – TorchServe gRPC Port Exposure
https://notcve.org/view.php?id=CVE-2024-35199
In affected versions, the two gRPC ports 7070 and 7071 are not bound to localhost by default, so when TorchServe is started, these two interfaces are bound to all interfaces. • https://github.com/pytorch/serve/pull/3083 https://github.com/pytorch/serve/releases/tag/v0.11.0 https://github.com/pytorch/serve/security/advisories/GHSA-hhpg-v63p-wp7w • CWE-668: Exposure of Resource to Wrong Sphere •