CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45311 – Denial of service in quinn-proto when using `Endpoint::retry()`
https://notcve.org/view.php?id=CVE-2024-45311
This issue can go undetected until a server's `refuse()`/`ignore()` code path is exercised, such as to stop a denial of service attack. 2. • https://github.com/quinn-rs/quinn/security/advisories/GHSA-vr26-jcq5-fjj8 https://github.com/quinn-rs/quinn/commit/e01609ccd8738bd438d86fa7185a0f85598cb58f https://github.com/quinn-rs/quinn/blob/bb02a12a8435a7732a1d762783eeacbb7e50418e/quinn-proto/src/endpoint.rs#L213 • CWE-670: Always-Incorrect Control Flow Implementation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45308 – MySQL & free URL mode allows to hide existing notes in hedgedoc
https://notcve.org/view.php?id=CVE-2024-45308
Attackers can also use this issue to prevent access to the original note, causing a denial of service. • https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-pjf2-269h-cx7p https://github.com/hedgedoc/hedgedoc/commit/380587b7fd65bc1eb71eef51a3aab324f9877650 • CWE-1289: Improper Validation of Unsafe Equivalence in Input •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-33057 – Buffer Over-read in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-33057
Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.5EPSS: 0%CPEs: 33EXPL: 0CVE-2024-33051 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2024-33051
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2024-33050 – Buffer Over-read in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-33050
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-126: Buffer Over-read •