CVE-2024-20517 – Cisco Small Business RV042, RV042G, RV320, and RV325 Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2024-20517
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device. This vulnerability is due to improper validation of user input that is in incoming HTTP packets. ... A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV •
CVE-2024-20516 – Cisco Small Business RV042, RV042G, RV320, and RV325 Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2024-20516
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device. This vulnerability is due to improper validation of user input that is in incoming HTTP packets. ... A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV •
CVE-2024-20444 – Cisco Nexus Dashboard Fabric Controller REST API Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2024-20444
A successful exploit could allow the attacker to overwrite sensitive files or crash a specific container, which would restart on its own, causing a low-impact denial of service (DoS) condition. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-raci-T46k3jnN •
CVE-2024-9423 – Certain HP LaserJet Printers – Potential Denial of Service
https://notcve.org/view.php?id=CVE-2024-9423
Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer. • https://support.hp.com/us-en/document/ish_11266441-11266463-16/hpsbpi03976 • CWE-241: Improper Handling of Unexpected Data Type •
CVE-2024-45797 – LibHTP's unbounded header handling leads to denial service
https://notcve.org/view.php?id=CVE-2024-45797
LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version 0.5.49, unbounded processing of HTTP request and response headers can lead to excessive CPU time and memory utilization, possibly leading to extreme slowdowns. This issue is addressed in 0.5.49. LibHTP es un analizador que tiene en cuenta la seguridad del protocolo HTTP y sus componentes relacionados. Antes de la versión 0.5.49, el procesamiento ilimitado de los encabezados de solicitud y respuesta HTTP podía generar un uso excesivo de la memoria y del tiempo de CPU, lo que posiblemente provocara ralentizaciones extremas. • https://github.com/OISF/libhtp/security/advisories/GHSA-rqqp-24ch-248f https://redmine.openinfosecfoundation.org/issues/7191 • CWE-770: Allocation of Resources Without Limits or Throttling •