CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-44460
https://notcve.org/view.php?id=CVE-2024-44460
An invalid read size in Nanomq v0.21.9 allows attackers to cause a Denial of Service (DoS). • https://github.com/zzh-newlearner/MQTT_Crash/blob/main/Nanomq_invalid_read.md • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-45182
https://notcve.org/view.php?id=CVE-2024-45182
An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70 An improper bounds check allows specially crafted packets to cause an arbitrary address read, resulting in Denial of Service. • https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/AdvisoryWIBU-94453.pdf https://wibu.com • CWE-404: Improper Resource Shutdown or Release •
CVSS: 8.6EPSS: 0%CPEs: 18EXPL: 0CVE-2024-20304 – Cisco IOS XR Software Packet Memory Exhaustion Vulnerability
https://notcve.org/view.php?id=CVE-2024-20304
A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device. This vulnerability exists because the Mtrace2 code does not properly handle packet memory. ... The affected device would not be able to process higher-level UDP-based protocols packets, possibly causing a denial of service (DoS) condition. Note: This vulnerability can be exploited using IPv4 or IPv6. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pak-mem-exhst-3ke9FeFy • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.4EPSS: 0%CPEs: 30EXPL: 0CVE-2024-20406 – Cisco IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-20406
A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of ingress IS-IS packets. ... A successful exploit could allow the attacker to cause the IS-IS process on all affected devices that are participating in the Flexible Algorithm to crash and restart, resulting in a DoS condition. Note: The IS-IS protocol is a routing protocol. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isis-xehpbVNe • CWE-20: Improper Input Validation •
CVSS: 7.4EPSS: 0%CPEs: 10EXPL: 0CVE-2024-20317 – Cisco IOS XR Software Layer 2 Services Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-20317
A vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cisco Network Convergence System (NCS) platforms could allow an unauthenticated, adjacent attacker to cause critical priority packets to be dropped, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect classification of certain types of Ethernet frames that are received on an interface. An attacker could exploit this vulnerability by sending specific types of Ethernet frames to or through the affected device. A successful exploit could allow the attacker to cause control plane protocol relationships to fail, resulting in a DoS condition. For more information, see the section of this advisory. Cisco has released software updates that address this vulnerability. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-l2services-2mvHdNuC • CWE-684: Incorrect Provision of Specified Functionality •