CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-0088
https://notcve.org/view.php?id=CVE-2024-0088
A successful exploit of this vulnerability might lead to denial of service and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5535 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-0100
https://notcve.org/view.php?id=CVE-2024-0100
A successful exploit of this vulnerability might lead to denial of service and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5535 • CWE-73: External Control of File Name or Path •
CVSS: 9.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-0087
https://notcve.org/view.php?id=CVE-2024-0087
A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5535 • CWE-73: External Control of File Name or Path •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32985 – Stellar-core's Overlay - security fix for DDoS mitigation
https://notcve.org/view.php?id=CVE-2024-32985
Stellar-core is a reference implementation for the peer-to-peer agent that manages the Stellar network. Prior to 20.4.0, core nodes could be randomly crashed due to a race condition with a 3rd party library. The likelihood of affecting the network is low since crashed nodes come back up online right away. Code fix mitigation is part of Stellar-core v20.4.0 release Stellar-core es una implementación de referencia para el agente peer-to-peer que gestiona la red Stellar. Antes de 20.4.0, los nodos principales podían bloquearse aleatoriamente debido a una condición de ejecución con una librería de terceros. • https://github.com/stellar/stellar-core/security/advisories/GHSA-mgx8-frjx-x33m • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34350 – Next.js Vulnerable to HTTP Request Smuggling
https://notcve.org/view.php?id=CVE-2024-34350
Antes de 13.5.1, una interpretación inconsistente de una solicitud HTTP manipulada significaba que Next.js trataba las solicitudes como una sola solicitud y como dos solicitudes separadas, lo que generaba respuestas desincronizadas. • https://github.com/vercel/next.js/security/advisories/GHSA-77r5-gw3j-2mpf • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •