NotCVE-2023-0002 – Buffer overflow in NVD Tools
https://notcve.org/view.php?id=NotCVE-2023-0002
A buffer overflow leading to a denial of service has been found in the NVD Tools, a collection of tools for working with National Vulnerability Database feeds. • https://github.com/facebookincubator/nvdtools https://github.com/facebookincubator/nvdtools/pull/201/commits/81447a60e831223814cc146df3bb172dfd4d52f8 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-46424
https://notcve.org/view.php?id=CVE-2024-46424
TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the UploadCustomModule function, which allows attackers to cause a Denial of Service (DoS) via the File parameter. • https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/TOTOLINK/AC1200T8/UploadCustomModule.md •
CVE-2024-8280
https://notcve.org/view.php?id=CVE-2024-8280
An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection or cause a recoverable denial of service using a specially crafted file. • https://support.lenovo.com/us/en/product_security/LEN-172051 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2024-43759 – Illustrator | NULL Pointer Dereference (CWE-476)
https://notcve.org/view.php?id=CVE-2024-43759
Illustrator versions 28.6, 27.9.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a DoS condition. ... Las versiones 28.6, 27.9.5 y anteriores de Illustrator se ven afectadas por una vulnerabilidad de desreferencia de puntero nulo que podría provocar una denegación de servicio (DoS) de la aplicación. • https://helpx.adobe.com/security/products/illustrator/apsb24-66.html • CWE-476: NULL Pointer Dereference •
CVE-2024-8751 – Vulnerability in SICK MSC800
https://notcve.org/view.php?id=CVE-2024-8751
A vulnerability in the MSC800 allows an unauthenticated attacker to modify the product’s IP address over Sopas ET. This can lead to Denial of Service. Users are recommended to upgrade both MSC800 and MSC800 LFT to version V4.26 and S2.93.20 respectively which fixes this issue. • https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF https://sick.com/psirt https://www.cisa.gov/resources-tools/resources/ics-recommended-practices https://www.first.org/cvss/calculator/3.1 https://www.sick.com/.well-known/csaf/white/2024 • CWE-306: Missing Authentication for Critical Function •