CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 1CVE-2024-36416 – SuiteCRM v4 API Excessive log data DOS
https://notcve.org/view.php?id=CVE-2024-36416
Prior to versions 7.14.4 and 8.6.1, a deprecated v4 API example with no log rotation allows denial of service by logging excessive data. • https://github.com/kva55/CVE-2024-36416 https://docs.suitecrm.com/admin/releases/7.14.x https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-jrpp-22g3-2j77 • CWE-779: Logging of Excessive Data •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-22279 – GoRouter Denial of Service Attack
https://notcve.org/view.php?id=CVE-2024-22279
Improper handling of requests in Routing Release > v0.273.0 and <= v0.297.0 allows an unauthenticated attacker to degrade the service availability of the Cloud Foundry deployment if performed at scale. • https://www.cloudfoundry.org/blog/cve-2024-22279-gorouter-denial-of-service-attack • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-28833 – Missing brute-force protection for two factor authentication
https://notcve.org/view.php?id=CVE-2024-28833
La restricción inadecuada de intentos de autenticación excesivos con métodos de autenticación de dos factores en Checkmk 2.3 anterior a 2.3.0p6 facilita la fuerza bruta de los mecanismos de segundo factor. • https://checkmk.com/werk/16830 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 4.0EPSS: 0%CPEs: -EXPL: 0CVE-2023-39180 – Linux Kernel ksmbd Read Request Memory Leak Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-39180
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Linux Kernel. ... An attacker can leverage this vulnerability to create a denial-of-service condition on the system. •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36473 – Trend Micro VPN Proxy One Pro Link Following Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-36473
Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of privileges. Trend Micro VPN Proxy One Pro, versión 5.8.1012 y anteriores es vulnerable a un ataque de creación o sobrescritura de archivos arbitrario, pero está limitado a la denegación de servicio (DoS) local y, en condiciones específicas, puede provocar una elevación de privilegios. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro VPN Proxy One Pro. ... An attacker can leverage this vulnerability to create a denial-of-service condition on the system. • https://helpcenter.trendmicro.com/en-us/article/tmka-07247 https://www.zerodayinitiative.com/advisories/ZDI-24-585 •