CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33601 – nscd: netgroup cache may terminate daemon on memory allocation failure
https://notcve.org/view.php?id=CVE-2024-33601
nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. • http://www.openwall.com/lists/oss-security/2024/07/22/5 https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html https://security.netapp.com/advisory/ntap-20240524-0014 https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007 https://access.redhat.com/security/cve/CVE-2024-33601 https://bugzilla.redhat.com/show_bug.cgi?id=2277205 • CWE-617: Reachable Assertion CWE-703: Improper Check or Handling of Exceptional Conditions •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33599 – nscd: Stack-based buffer overflow in netgroup cache
https://notcve.org/view.php?id=CVE-2024-33599
nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. ... In certain conditions, its possible to trigger a stack-based buffer overflow condition that can lead to a denial of service and potentially other malicious actions that impact confidentiality and integrity. • http://www.openwall.com/lists/oss-security/2024/07/22/5 https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html https://security.netapp.com/advisory/ntap-20240524-0011 https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005 https://access.redhat.com/security/cve/CVE-2024-33599 https://bugzilla.redhat.com/show_bug.cgi?id=2277202 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 6.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-34250
https://notcve.org/view.php?id=CVE-2024-34250
A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause at least a denial of service via the "wasm_loader_check_br" function in core/iwasm/interpreter/wasm_loader.c. • https://github.com/bytecodealliance/wasm-micro-runtime/issues/3346 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-34251
https://notcve.org/view.php?id=CVE-2024-34251
An out-of-bound memory read vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause a denial of service via the "block_type_get_arity" function in core/iwasm/interpreter/wasm.h. • https://github.com/bytecodealliance/wasm-micro-runtime/issues/3347 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-34506
https://notcve.org/view.php?id=CVE-2024-34506
If a user with the necessary rights to move the page opens Special:MovePage for a page with tens of thousands of subpages, then the page will exceed the maximum request time, leading to a denial of service. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FU2FGUXXK6TMV6R52VRECLC6XCSQQISY https://phabricator.wikimedia.org/T357760 • CWE-400: Uncontrolled Resource Consumption •