CVE-2024-6959 – Denial of Service (DOS) in multipart boundary while uploading file in parisneo/lollms-webui
https://notcve.org/view.php?id=CVE-2024-6959
A vulnerability in parisneo/lollms-webui version 9.8 allows for a Denial of Service (DOS) attack when uploading an audio file. ... The vulnerability leads to service disruption, resource exhaustion, and extended downtime. • https://huntr.com/bounties/6394d32e-f35c-418a-95b8-e7254ed0bc8e • CWE-400: Uncontrolled Resource Consumption •
CVE-2024-38365 – btcd did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality
https://notcve.org/view.php?id=CVE-2024-38365
This consensus failure can be leveraged to cause a chain split (accepting an invalid Bitcoin block) or be exploited to DoS the btcd nodes (rejecting a valid Bitcoin block). • https://delvingbitcoin.org/t/cve-2024-38365-public-disclosure-btcd-findanddelete-bug/1184 https://github.com/btcsuite/btcd/commit/04469e600e7d4a58881e2e5447d19024e49800f5 https://github.com/btcsuite/btcd/releases/tag/v0.24.2 https://github.com/btcsuite/btcd/security/advisories/GHSA-27vh-h6mc-q6g8 • CWE-670: Always-Incorrect Control Flow Implementation •
CVE-2024-47506 – Junos OS: SRX Series: A large amount of traffic being processed by ATP Cloud can lead to a PFE crash
https://notcve.org/view.php?id=CVE-2024-47506
A Deadlock vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a large amount of traffic is processed by ATP Cloud inspection, a deadlock can occur which will result in a PFE crash and restart. • https://supportportal.juniper.net/JSA88137 • CWE-833: Deadlock •
CVE-2024-47509 – Junos OS Evolved: Specific low privileged CLI commands and SNMP GET requests can trigger a resource leak #3
https://notcve.org/view.php?id=CVE-2024-47509
An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS). When specific SNMP GET operations or specific low-privileged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and causing FPCs to hang. • https://supportportal.juniper.net • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2024-47508 – Junos OS Evolved: Specific low privileged CLI commands and SNMP GET requests can trigger a resource leak #2
https://notcve.org/view.php?id=CVE-2024-47508
An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS). When specific SNMP GET operations or specific low-privileged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and causing FPCs to hang. • https://supportportal.juniper.net • CWE-770: Allocation of Resources Without Limits or Throttling •