CVE-2024-28760 – IBM App Connect Enterprise denial of service
https://notcve.org/view.php?id=CVE-2024-28760
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 dashboard is vulnerable to a denial of service due to improper restrictions of resource allocation. • https://exchange.xforce.ibmcloud.com/vulnerabilities/285244 https://www.ibm.com/support/pages/node/7150845 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2024-32995
https://notcve.org/view.php?id=CVE-2024-32995
Denial of service (DoS) vulnerability in the AMS module Impact: Successful exploitation of this vulnerability will affect availability. • https://consumer.huawei.com/en/support/bulletin/2024/5 https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202405-0000001902628049 • CWE-248: Uncaught Exception •
CVE-2023-5447 – Use-After-Free in Service for Hardware Support App for Fingerprint Driver
https://notcve.org/view.php?id=CVE-2023-5447
Missing lock check in SynHsaService may create a use-after-free condition which causes abnormal termination of the service, resulting in denial of service for the Synaptics Hardware Support App. • https://www.synaptics.com/sites/default/files/2023-10/fingerprint-driver-HSAService-security-brief-2023-10-13.pdf • CWE-414: Missing Lock Check CWE-416: Use After Free •
CVE-2024-34079 – octo-sts allows unauthenticated attackers to cause unbounded CPU and memory usage
https://notcve.org/view.php?id=CVE-2024-34079
octo-sts is a GitHub App that acts like a Security Token Service (STS) for the GitHub API. This vulnerability can spike the resource utilization of the STS service, and combined with a significant traffic volume could potentially lead to a denial of service. • https://github.com/octo-sts/app/commit/74ba874c017cf973edd6711144cf4399a9fcff57 https://github.com/octo-sts/app/security/advisories/GHSA-75r6-6jg8-pfcq • CWE-400: Uncontrolled Resource Consumption •
CVE-2023-38264 – IBM SDK, Java Technology Edition denial of service
https://notcve.org/view.php?id=CVE-2023-38264
The IBM SDK, Java Technology Edition's Object Request Broker (ORB) 7.1.0.0 through 7.1.5.21 and 8.0.0.0 through 8.0.8.21 is vulnerable to a denial of service attack in some circumstances due to improper enforcement of the JEP 290 MaxRef and MaxDepth deserialization filters. • https://exchange.xforce.ibmcloud.com/vulnerabilities/260578 https://www.ibm.com/support/pages/node/7150727 https://access.redhat.com/security/cve/CVE-2023-38264 https://bugzilla.redhat.com/show_bug.cgi?id=2279963 • CWE-400: Uncontrolled Resource Consumption CWE-502: Deserialization of Untrusted Data •