CVE-2024-46581
https://notcve.org/view.php?id=CVE-2024-46581
This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. • https://ink-desk-28f.notion.site/Draytek-vigor-3910-Analysis-Report-b3b23e150c4f4bab822c3c47fd7b9de9#7c3324f08b21445fb00f1e8eaa26283f •
CVE-2024-8939 – Vllm: denials of service in vllm json web api
https://notcve.org/view.php?id=CVE-2024-8939
A vulnerability was found in the ilab model serve component, where improper handling of the best_of parameter in the vllm JSON web API can lead to a Denial of Service (DoS). The API used for LLM-based sentence or chat completion accepts a best_of parameter to return the best completion from several options. When this parameter is set to a large value, the API does not handle timeouts or resource exhaustion properly, allowing an attacker to cause a DoS by consuming excessive system resources. This leads to the API becoming unresponsive, preventing legitimate users from accessing the service. • https://access.redhat.com/security/cve/CVE-2024-8939 https://bugzilla.redhat.com/show_bug.cgi?id=2312782 • CWE-400: Uncontrolled Resource Consumption •
CVE-2024-8768 – Vllm: a completions api request with an empty prompt will crash the vllm api server.
https://notcve.org/view.php?id=CVE-2024-8768
A completions API request with an empty prompt will crash the vLLM API server, resulting in a denial of service. • https://access.redhat.com/security/cve/CVE-2024-8768 https://bugzilla.redhat.com/show_bug.cgi?id=2311895 https://github.com/vllm-project/vllm/issues/7632 https://github.com/vllm-project/vllm/pull/7746 • CWE-617: Reachable Assertion •
CVE-2024-8110
https://notcve.org/view.php?id=CVE-2024-8110
Denial of Service (DoS) vulnerability has been found in Dual-redundant Platform for Computer. If a computer on which the affected product is installed receives a large number of UDP broadcast packets in a short period, occasionally that computer may restart. If both the active and standby computers are restarted at the same time, the functionality on that computer may be temporarily unavailable. • https://web-material3.yokogawa.com/1/36276/files/YSAR-24-0003-E.pdf • CWE-252: Unchecked Return Value •
CVE-2024-27874
https://notcve.org/view.php?id=CVE-2024-27874
A remote attacker may be able to cause a denial-of-service. • https://support.apple.com/en-us/121250 • CWE-400: Uncontrolled Resource Consumption •