CVSS: 8.1EPSS: 0%CPEs: 36EXPL: 0CVE-2024-43390 – Phoenix Contact: Firewall reconfiguration due to improper input validation in MGUARD devices
https://notcve.org/view.php?id=CVE-2024-43390
A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS. • https://cert.vde.com/en/advisories/VDE-2024-039 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 8.1EPSS: 0%CPEs: 36EXPL: 0CVE-2024-43389 – Phoenix Contact: OSPF reconfiguration due to improper input validation in MGUARD devices
https://notcve.org/view.php?id=CVE-2024-43389
A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS. • https://cert.vde.com/en/advisories/VDE-2024-039 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 5.4EPSS: 0%CPEs: 15EXPL: 0CVE-2024-45285 – Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform
https://notcve.org/view.php?id=CVE-2024-45285
The RFC enabled function module allows a low privileged user to perform denial of service on any user and also change or delete favourite nodes. By sending a crafted packet in the function module targeting specific parameters, the specific targeted user will no longer have access to any functionality of SAP GUI. There is low impact on integrity and availability of the application. • https://me.sap.com/notes/3488039 https://url.sap/sapsecuritypatchday • CWE-862: Missing Authorization •
CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-25073
https://notcve.org/view.php?id=CVE-2024-25073
The baseband software does not properly check a pointer specified by the CC (Call Control module), which can lead to Denial of Service (Untrusted Pointer Dereference). ... The baseband software does not properly check a pointer specified by the CC (Call Control module), which can lead to Denial of Service (Untrusted Pointer Dereference). • https://semiconductor.samsung.com/support/quality-support/product-security-updates https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-25073 •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-43466 – Microsoft SharePoint Server Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-43466
Microsoft SharePoint Server Denial of Service Vulnerability This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft SharePoint. ... The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43466 • CWE-502: Deserialization of Untrusted Data •