CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2024-38236 – DHCP Server Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38236
DHCP Server Service Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38236 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-38230 – Windows Standards-Based Storage Management Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38230
Windows Standards-Based Storage Management Service Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38230 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2023-6841 – Keycloak: amount of attributes per object is not limited and it may lead to dos
https://notcve.org/view.php?id=CVE-2023-6841
A denial of service vulnerability was found in keycloak where the amount of attributes per object is not limited,an attacker by sending repeated HTTP requests could cause a resource exhaustion when the application send back rows with long attribute values. • https://access.redhat.com/security/cve/CVE-2023-6841 https://bugzilla.redhat.com/show_bug.cgi?id=2254714 • CWE-231: Improper Handling of Extra Values •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45590 – body-parser vulnerable to denial of service when url encoding is enabled
https://notcve.org/view.php?id=CVE-2024-45590
body-parser is Node.js body parsing middleware. body-parser <1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. ... This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled. • https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7 https://access.redhat.com/security/cve/CVE-2024-45590 https://bugzilla.redhat.com/show_bug.cgi?id=2311171 • CWE-405: Asymmetric Resource Consumption (Amplification) •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45412 – Yeti affected by a Potential Denial of Service due to the One Milion Unicode characters attack
https://notcve.org/view.php?id=CVE-2024-45412
Under Windows, such normalization is costly in resources and may lead to denial of service with attacks such as One Million Unicode payload. • https://github.com/yeti-platform/yeti/commit/f1f0082e7c165f148ae95f4deeb2786404797a39 https://github.com/yeti-platform/yeti/security/advisories/GHSA-cwwm-pq9x-2cxv https://hackerone.com/reports/2258758 • CWE-770: Allocation of Resources Without Limits or Throttling •