CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8391 – Eclipse Vert.x gRPC server does not limit the maximum message size
https://notcve.org/view.php?id=CVE-2024-8391
This may lead to excessive memory consumption in a server or a client, causing a denial of service. • https://github.com/eclipse-vertx/vertx-grpc/issues/113 https://gitlab.eclipse.org/security/cve-assignement/-/issues/31 https://access.redhat.com/security/cve/CVE-2024-8391 https://bugzilla.redhat.com/show_bug.cgi?id=2309758 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-45230 – python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()
https://notcve.org/view.php?id=CVE-2024-45230
The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters. ... Excessive input with a specific sequence of characters may lead to denial of service. • https://docs.djangoproject.com/en/dev/releases/security https://groups.google.com/forum/#%21forum/django-announce https://www.djangoproject.com/weblog/2024/sep/03/security-releases https://access.redhat.com/security/cve/CVE-2024-45230 https://bugzilla.redhat.com/show_bug.cgi?id=2314485 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-8418 – Containers/aardvark-dns: tcp query handling flaw in aardvark-dns leading to denial of service
https://notcve.org/view.php?id=CVE-2024-8418
They contain a denial of service vulnerability due to serial processing of TCP DNS queries. This flaw allows a malicious client to keep a TCP connection open indefinitely, causing other DNS queries to time out and resulting in a denial of service for all other containers using aardvark-dns. A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. • https://access.redhat.com/security/cve/CVE-2024-8418 https://bugzilla.redhat.com/show_bug.cgi?id=2309683 https://github.com/containers/aardvark-dns/issues/500 https://github.com/containers/aardvark-dns/pull/503 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.6EPSS: 0%CPEs: -EXPL: 0CVE-2024-34646
https://notcve.org/view.php?id=CVE-2024-34646
Improper access control in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to cause local permanent denial of service. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=09 •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-45692
https://notcve.org/view.php?id=CVE-2024-45692
Webmin before 2.202 and Virtualmin before 7.20.2 allow a network traffic loop via spoofed UDP packets on port 10000. • https://cispa.de/en/loop-dos https://webmin.com https://www.openwall.com/lists/oss-security/2024/09/04/1 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •