NotCVE-2023-0002 – Buffer overflow in NVD Tools
https://notcve.org/view.php?id=NotCVE-2023-0002
A buffer overflow leading to a denial of service has been found in the NVD Tools, a collection of tools for working with National Vulnerability Database feeds. • https://github.com/facebookincubator/nvdtools https://github.com/facebookincubator/nvdtools/pull/201/commits/81447a60e831223814cc146df3bb172dfd4d52f8 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-9404 – Denial-of-Service Vulnerability Identified in the VPort 07-3 Series
https://notcve.org/view.php?id=CVE-2024-9404
Moxa’s IP Cameras are affected by a medium-severity vulnerability, CVE-2024-9404, which could lead to a denial-of-service condition or cause a service crash. This vulnerability allows attackers to exploit the Moxa service, commonly referred to as moxa_cmd, originally designed for deployment. Because of insufficient input validation, this service may be manipulated to trigger a denial-of-service. This vulnerability poses a significant remote threat if the affected products are exposed to publicly accessible networks. • https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240930-cve-2024-9404-denial-of-service-vulnerability-identified-in-the-vport-07-3-series • CWE-1287: Improper Validation of Specified Type of Input •
CVE-2024-42453
https://notcve.org/view.php?id=CVE-2024-42453
This includes the ability to power off virtual machines, delete files in storage, and make configuration changes, potentially leading to Denial of Service (DoS) and data integrity issues. • https://www.veeam.com/kb4693 •
CVE-2024-37302 – Synapse denial of service through media disk space consumption
https://notcve.org/view.php?id=CVE-2024-37302
This can lead to a denial of service, ranging from further media uploads/downloads failing to completely unavailability of the Synapse process, depending on how Synapse was deployed. • https://github.com/element-hq/synapse/security/advisories/GHSA-4mhg-xv73-xq2x • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2024-52805 – Synapse allows unsupported content types to lead to memory exhaustion
https://notcve.org/view.php?id=CVE-2024-52805
In Synapse before 1.120.1, multipart/form-data requests can in certain configurations transiently increase memory consumption beyond expected levels while processing the request, which can be used to amplify denial of service attacks. • https://github.com/element-hq/synapse/security/advisories/GHSA-rfq8-j7rh-8hf2 https://github.com/twisted/twisted/issues/4688#issuecomment-1167705518 https://github.com/twisted/twisted/issues/4688#issuecomment-2385711609 • CWE-770: Allocation of Resources Without Limits or Throttling •