
CVSS: 7.5 | EPSS: 0% | CPEs: 1 | EXPL: 0

A buffer overflow leading to a denial of service has been found in the NVD Tools, a collection of tools for working with National Vulnerability Database feeds.
References: https://github.com/facebookincubator/nvdtools https://github.com/facebookincubator/nvdtools/pull/201/commits/81447a60e831223814cc146df3bb172dfd4d52f8
CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVSS: 6.5 | EPSS: 0% | CPEs: - | EXPL: 0

If untrusted data is passed to the SearchQueryUtils method, it could lead to a denial of service (DoS) by exhausting system resources due to regular expression complexity.
References: https://access.redhat.com/errata/RHSA-2024:10175 https://access.redhat.com/errata/RHSA-2024:10176 https://access.redhat.com/errata/RHSA-2024:10177 https://access.redhat.com/errata/RHSA-2024:10178 https://access.redhat.com/security/cve/CVE-2024-10270 https://bugzilla.redhat.com/show_bug.cgi?id=2321214
CWE-1333: Inefficient Regular Expression Complexity

CVSS: 4.7 | EPSS: 0% | CPEs: - | EXPL: 0

The Keycloak Server is vulnerable to a denial of service (DoS) attack due to improper handling of proxy headers. ... This issue can lead to costly DNS resolution operations, which an attacker could exploit to tie up IO threads and potentially cause a denial of service. The attacker must have access to send requests to a Keycloak instance that is configured to accept proxy headers, specifically when reverse proxies do not overwrite incoming headers, and Keycloak is configured to trust these headers.
References: https://access.redhat.com/errata/RHSA-2024:10175 https://access.redhat.com/errata/RHSA-2024:10176 https://access.redhat.com/errata/RHSA-2024:10177 https://access.redhat.com/errata/RHSA-2024:10178 https://access.redhat.com/security/cve/CVE-2024-9666 https://bugzilla.redhat.com/show_bug.cgi?id=2317440
CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CVSS: 5.5 | EPSS: 0% | CPEs: - | EXPL: 0

The Imager package before 1.025 for Perl has a heap-based buffer overflow leading to denial of service, or possibly unspecified other impact, when the trim() method is called on a crafted input image.
References: https://github.com/briandfoy/cpan-security-advisory/issues/167 https://github.com/briandfoy/cpan-security-advisory/issues/171 https://github.com/tonycoz/imager/issues/534 https://metacpan.org/release/TONYC/Imager-1.025/changes
CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVSS: 5.3 | EPSS: 0% | CPEs: - | EXPL: 0

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.
References: https://www.ibm.com/support/pages/node/7175947
CWE-789: Memory Allocation with Excessive Size Value