CVE-2024-39808
https://notcve.org/view.php?id=CVE-2024-39808
Incorrect Calculation of Buffer Size (CWE-131) in the Controller 6000 and Controller 7000 OSDP message handling, allows an attacker with physical access to Controller wiring to instigate a reboot leading to a denial of service. This issue affects: Controller 6000 and Controller 7000 9.10 prior to vCR9.10.240816a (distributed in 9.10.1530 (MR2)), 9.00 prior to vCR9.00.240816a (distributed in 9.00.2168 (MR4)), 8.90 prior to vCR8.90.240816a (distributed in 8.90.2155 (MR5)), 8.80 prior to vCR8.80.240816b (distributed in 8.80.1938 (MR6)), all versions of 8.70 and prior. • https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2024-39808 • CWE-131: Incorrect Calculation of Buffer Size •
CVE-2024-24972
https://notcve.org/view.php?id=CVE-2024-24972
Buffer Copy without Checking Size of Input (CWE-120) in the Controller 6000 and Controller 7000 diagnostic web interface allows an authorised and authenticated operator to reboot the Controller, causing a Denial of Service. • https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2024-24972 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-40659
https://notcve.org/view.php?id=CVE-2024-40659
This could lead to local denial of service with no additional execution privileges needed. • https://android.googlesource.com/platform/packages/modules/RemoteKeyProvisioning/+/c65dce4c6d8d54e47dce79a56e29e2223a2354e6 https://source.android.com/security/bulletin/2024-09-01 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-38235 – Windows Hyper-V Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38235
Windows Hyper-V Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38235 • CWE-416: Use After Free •
CVE-2024-38234 – Windows Networking Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38234
Windows Networking Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38234 • CWE-20: Improper Input Validation •