CVE-2024-38236 – DHCP Server Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38236
DHCP Server Service Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38236 • CWE-400: Uncontrolled Resource Consumption •
CVE-2024-38230 – Windows Standards-Based Storage Management Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38230
Windows Standards-Based Storage Management Service Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38230 • CWE-20: Improper Input Validation •
CVE-2023-6841 – Keycloak: amount of attributes per object is not limited and it may lead to dos
https://notcve.org/view.php?id=CVE-2023-6841
A denial of service vulnerability was found in Keycloak where the amount of attributes per object is not limited. By sending repeated HTTP requests, an attacker could cause resource exhaustion when the application sends back rows with long attribute values. • https://access.redhat.com/security/cve/CVE-2023-6841 https://bugzilla.redhat.com/show_bug.cgi?id=2254714 • CWE-231: Improper Handling of Extra Values •
CVE-2024-45590 – body-parser vulnerable to denial of service when url encoding is enabled
https://notcve.org/view.php?id=CVE-2024-45590
body-parser is Node.js body parsing middleware. body-parser <1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. ... This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled. • https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7 https://access.redhat.com/security/cve/CVE-2024-45590 https://bugzilla.redhat.com/show_bug.cgi?id=2311171 • CWE-405: Asymmetric Resource Consumption (Amplification) •
CVE-2024-45412 – Yeti affected by a Potential Denial of Service due to the One Million Unicode characters attack
https://notcve.org/view.php?id=CVE-2024-45412
Under Windows, such normalization is costly in resources and may lead to denial of service with attacks such as One Million Unicode payload. This can get worse with the use of special Unicode characters like U+2100 (℀), or U+2105 (℅) which could lead the payload size to be tripled. • https://github.com/yeti-platform/yeti/commit/f1f0082e7c165f148ae95f4deeb2786404797a39 https://github.com/yeti-platform/yeti/security/advisories/GHSA-cwwm-pq9x-2cxv https://hackerone.com/reports/2258758 • CWE-770: Allocation of Resources Without Limits or Throttling •