CVE-2024-9468 – PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet
https://notcve.org/view.php?id=CVE-2024-9468
A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode. • https://security.paloaltonetworks.com/CVE-2024-9468 • CWE-787: Out-of-bounds Write •
CVE-2024-7294 – Uncontrolled resource consumption of anonymous endpoints
https://notcve.org/view.php?id=CVE-2024-7294
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), an HTTP DoS attack is possible on anonymous endpoints without rate limiting. • https://docs.telerik.com/report-server/knowledge-base/uncontrolled-resource-consumption-cve-2024-7294 • CWE-400: Uncontrolled Resource Consumption •
CVE-2024-39440
https://notcve.org/view.php?id=CVE-2024-39440
In DRM service, there is a possible system crash due to null pointer dereference. This could lead to local denial of service with System execution privileges needed. • https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897 •
CVE-2024-39439
https://notcve.org/view.php?id=CVE-2024-39439
In DRM service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. • https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897 •
CVE-2024-42934 – openipmi: missing check on the authorization type on incoming LAN messages in IPMI simulator
https://notcve.org/view.php?id=CVE-2024-42934
OpenIPMI before 2.0.36 has an out-of-bounds array access (for authentication type) in the ipmi_sim simulator, resulting in denial of service or (with very low probability) authentication bypass or code execution. ... Due to a missing check in the authorization type on incoming LAN messages, an attacker may be able to trigger a denial of service. • https://bugzilla.redhat.com/show_bug.cgi?id=2308375 https://sourceforge.net/p/openipmi/code/ci/4c129d0540f3578ecc078d8612bbf84b6cd24c87 https://sourceforge.net/p/openipmi/code/ci/b52e8e2538b2b48ef6b63bff12b5cc9e2d52eff1 https://access.redhat.com/security/cve/CVE-2024-42934 • CWE-862: Missing Authorization •