CVE-2024-9953 – Potential DoS Vulnerability in CERT VINCE Software Before Version 3.0.8
https://notcve.org/view.php?id=CVE-2024-9953
A potential DoS vulnerability exists in CERT VINCE software prior to version 3.0.8. ... This can lead to a potential DoS on the server when the user's profile is accessed. ... A potential denial-of-service (DoS) vulnerability exists in CERT VINCE software versions prior to 3.0.8. An authenticated administrative user can inject an arbitrary pickle object into a user’s profile, which may lead to a DoS condition when the profile is accessed. • https://github.com/CERTCC/VINCE/issues?q=label%3Asecurity • CWE-502: Deserialization of Untrusted Data
CVE-2024-47831 – Next.js image optimization has Denial of Service condition
https://notcve.org/view.php?id=CVE-2024-47831
Versions on the 10.x, 11.x, 12.x, 13.x, and 14.x branches before version 14.2.7 contain a vulnerability in the image optimization feature that allows a potential Denial of Service (DoS) condition, which could lead to excessive CPU consumption. • https://github.com/vercel/next.js/commit/d11cbc9ff0b1aaefabcba9afe1e562e0b1fde65a https://github.com/vercel/next.js/security/advisories/GHSA-g77x-44xx-532m • CWE-674: Uncontrolled Recursion
CVE-2024-8184 – Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
https://notcve.org/view.php?id=CVE-2024-8184
There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause a remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutOfMemory errors and exhaust the server's memory. • https://github.com/jetty/jetty.project/pull/11723 https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq https://gitlab.eclipse.org/security/cve-assignement/-/issues/30 • CWE-400: Uncontrolled Resource Consumption
CVE-2024-6762 – Jetty PushSessionCacheFilter can cause remote DoS attacks
https://notcve.org/view.php?id=CVE-2024-6762
Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory. • https://github.com/jetty/jetty.project/pull/10755 https://github.com/jetty/jetty.project/pull/10756 https://github.com/jetty/jetty.project/pull/9715 https://github.com/jetty/jetty.project/pull/9716 https://github.com/jetty/jetty.project/security/advisories/GHSA-r7m4-f9h5-gr79 https://gitlab.eclipse.org/security/cve-assignement/-/issues/24 • CWE-400: Uncontrolled Resource Consumption
CVE-2024-9823 – Jetty DOS vulnerability on DosFilter
https://notcve.org/view.php?id=CVE-2024-9823
There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause a remote denial-of-service (DoS) attack on the server using DosFilter. • https://github.com/jetty/jetty.project/security/advisories/GHSA-7hcf-ppf8-5w5h https://gitlab.eclipse.org/security/cve-assignement/-/issues/39 https://github.com/jetty/jetty.project/issues/1256 • CWE-400: Uncontrolled Resource Consumption