CVE-2023-45196 – Adminer and AdminerEvo denial of service via HTTP redirect
https://notcve.org/view.php?id=CVE-2023-45196
Adminer and AdminerEvo allow an unauthenticated remote attacker to cause a denial of service by connecting to an attacker-controlled service that responds with HTTP redirects. The denial of service is subject to PHP configuration limits. • https://github.com/adminerevo/adminerevo/pull/102/commits/23e7cdc0a32b3739e13d19ae504be0fe215142b6 • CWE-400: Uncontrolled Resource Consumption •
CVE-2024-37681
https://notcve.org/view.php?id=CVE-2024-37681
., Ltd v1.0.1 allows a remote attacker to cause a denial of service via the index.html component. • https://github.com/dabaizhizhu/123/issues/6 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2021-45785
https://notcve.org/view.php?id=CVE-2021-45785
TruDesk Help Desk/Ticketing Solution v1.1.11 is vulnerable to a Cross-Site Request Forgery (CSRF) attack that allows an attacker to restart the server, causing a DoS. The attacker must craft a webpage that performs a GET request to the /api/v1/admin/restart endpoint; when a victim with sufficient privileges visits the page, the server restart begins. • https://1d8.github.io/cves/cve_2021_45785 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2024-6239 – Poppler: pdfinfo: crash in broken documents when using -dests parameter
https://notcve.org/view.php?id=CVE-2024-6239
By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service. • https://access.redhat.com/security/cve/CVE-2024-6239 https://bugzilla.redhat.com/show_bug.cgi?id=2293594 https://access.redhat.com/errata/RHSA-2024:5305 https://access.redhat.com/errata/RHSA-2024:9167 • CWE-20: Improper Input Validation •
CVE-2024-3036 – Communication DoS vulnerability
https://notcve.org/view.php?id=CVE-2024-3036
Improper Input Validation vulnerability in ABB 800xA Base. An attacker who successfully exploited this vulnerability could cause services to crash by sending specifically crafted messages. This issue affects 800xA Base: from 6.0.0 through 6.1.1-2. • https://search.abb.com/library/Download.aspx?DocumentID=7PAA013309&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-20: Improper Input Validation •