CVE-2023-51777
https://notcve.org/view.php?id=CVE-2023-51777
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error. • https://jungo.com/windriver/versions https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf •
CVE-2024-37298 – Potential memory exhaustion attack due to sparse slice deserialization
https://notcve.org/view.php?id=CVE-2024-37298
Any use of `schema.Decoder.Decode()` on a struct with arrays of other structs could trigger memory exhaustion and lead to a denial of service. • https://github.com/gorilla/schema/blob/main/decoder.go#L223 https://github.com/gorilla/schema/commit/cd59f2f12cbdfa9c06aa63e425d1fe4a806967ff https://github.com/gorilla/schema/security/advisories/GHSA-3669-72x9-r9p3 https://access.redhat.com/security/cve/CVE-2024-37298 https://bugzilla.redhat.com/show_bug.cgi?id=2295010 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2024-38477 – Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request
https://notcve.org/view.php?id=CVE-2024-38477
A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service. • https://httpd.apache.org/security/vulnerabilities_24.html https://security.netapp.com/advisory/ntap-20240712-0001 https://access.redhat.com/security/cve/CVE-2024-38477 https://bugzilla.redhat.com/show_bug.cgi?id=2295016 • CWE-476: NULL Pointer Dereference •
CVE-2024-36387 – Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2
https://notcve.org/view.php?id=CVE-2024-36387
Serving WebSocket protocol upgrades over an HTTP/2 connection could result in a NULL pointer dereference, leading to a crash of the server process, degrading performance. A flaw was found in the Apache HTTP Server. Serving WebSocket protocol upgrades over an HTTP/2 connection could result in a NULL pointer dereference, leading to a crash of the server process. • https://httpd.apache.org/security/vulnerabilities_24.html https://security.netapp.com/advisory/ntap-20240712-0001 https://access.redhat.com/security/cve/CVE-2024-36387 https://bugzilla.redhat.com/show_bug.cgi?id=2295006 • CWE-476: NULL Pointer Dereference •
CVE-2024-21586 – Junos OS: SRX Series and NFX Series: Specific valid traffic leads to a PFE crash
https://notcve.org/view.php?id=CVE-2024-21586
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series and NFX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If an affected device receives specific valid traffic destined to the device, it will cause the PFE to crash and restart. Continued receipt and processing of this traffic will create a sustained DoS condition. This issue affects Junos OS on SRX Series: * 21.4 versions before 21.4R3-S7.9, * 22.1 versions before 22.1R3-S5.3, * 22.2 versions before 22.2R3-S4.11, * 22.3 versions before 22.3R3, * 22.4 versions before 22.4R3. This issue affects Junos OS on NFX Series: * 21.4 versions before 21.4R3-S8, * 22.1 versions after 22.1R1, * 22.2 versions before 22.2R3-S5, * 22.3 versions before 22.3R3, * 22.4 versions before 22.4R3. Junos OS versions prior to 21.4R1 are not affected by this issue. • https://supportportal.juniper.net/JSA83195 • CWE-754: Improper Check for Unusual or Exceptional Conditions •