CVE-2024-35176 – REXML contains a denial of service vulnerability
https://notcve.org/view.php?id=CVE-2024-35176
The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many `<`s in an attribute value. • https://github.com/ruby/rexml/commit/4325835f92f3f142ebd91a3fdba4e1f1ab7f1cfb https://github.com/ruby/rexml/security/advisories/GHSA-vg3r-rm7w-2xgh https://www.ruby-lang.org/en/news/2024/05/16/dos-rexml-cve-2024-35176 https://access.redhat.com/security/cve/CVE-2024-35176 https://bugzilla.redhat.com/show_bug.cgi? • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2024-27243 – Zoom Apps - Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-27243
Buffer overflow in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24014 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVE-2024-20394
https://notcve.org/view.php?id=CVE-2024-20394
A vulnerability in Cisco AppDynamics Network Visibility Agent could allow an unauthenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to the inability to handle unexpected input. An attacker who has local device access could exploit this vulnerability by sending an HTTP request to the targeted service. A successful exploit could allow the attacker to cause a DoS condition by stopping the Network Agent Service on the local device. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appd-netvisdos-9zNbsJtK • CWE-20: Improper Input Validation •
CVE-2023-7258 – Denial-of-Service in Gvisor
https://notcve.org/view.php?id=CVE-2023-7258
A denial of service exists in Gvisor Sandbox where a bug in reference counting code in mount point tracking could lead to a panic, making it possible for an attacker running as root and with permission to mount volumes to kill the sandbox. • https://github.com/google/gvisor/commit/6a112c60a257dadac59962e0bc9e9b5aee70b5b6 • CWE-400: Uncontrolled Resource Consumption •
CVE-2024-31482
https://notcve.org/view.php?id=CVE-2024-31482
An unauthenticated Denial-of-Service (DoS) vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •