CVSS: 3.7EPSS: 0%CPEs: 35EXPL: 0CVE-2024-3302 – Mozilla: Denial of Service using HTTP/2 CONTINUATION frames
https://notcve.org/view.php?id=CVE-2024-3302
16 Apr 2024 — There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. No había límite para la cantidad de frames de CONTINUATION HTTP/2 que se procesarían. Un servidor podría abusar de esto para crear una condición de falta de memoria en el navegador. • https://bugzilla.mozilla.org/show_bug.cgi?id=1881183 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.1EPSS: 0%CPEs: 17EXPL: 0CVE-2024-3863
https://notcve.org/view.php?id=CVE-2024-3863
16 Apr 2024 — The executable file warning was not presented when downloading .xrm-ms files. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. La advertencia del archivo ejecutable no se presentó al descargar archivos .xrm-ms. *Nota: Este problema solo afectó a los sistemas operativos Windows. • https://bugzilla.mozilla.org/show_bug.cgi?id=1885855 •
CVSS: 6.4EPSS: 0%CPEs: 36EXPL: 0CVE-2024-3861 – Mozilla: Potential use-after-free due to AlignedBuffer self-move
https://notcve.org/view.php?id=CVE-2024-3861
16 Apr 2024 — If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. Si se asignara un AlignedBuffer a sí mismo, el movimiento automático posterior podría dar como resultado un recuento de referencias incorrecto y, posteriormente, un use-after-free. Esta vulnerabilidad afecta a Firefox < 125 y Firefox ESR < 115.10. The Mozilla Foundation Secu... • https://bugzilla.mozilla.org/show_bug.cgi?id=1883158 • CWE-416: Use After Free •
CVSS: 6.4EPSS: 0%CPEs: 35EXPL: 0CVE-2024-3859 – Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
https://notcve.org/view.php?id=CVE-2024-3859
16 Apr 2024 — On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. En las versiones de 32 bits había desbordamientos de enteros que conducían a una lectura fuera de los límites que potencialmente podría ser provocada por una fuente OpenType con formato incorrecto. Esta vulnerabilidad afecta a Firefox < 125 y Firefox ESR < 115.10. The... • https://bugzilla.mozilla.org/show_bug.cgi?id=1874489 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 36EXPL: 0CVE-2024-3857 – Mozilla: Incorrect JITting of arguments led to use-after-free during garbage collection
https://notcve.org/view.php?id=CVE-2024-3857
16 Apr 2024 — The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. El JIT creó código incorrecto para los argumentos en ciertos casos. Esto provocó posibles fallos de use-after-free durante la recolección de basura. • https://bugzilla.mozilla.org/show_bug.cgi?id=1886683 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 36EXPL: 0CVE-2024-3854 – Mozilla: Out-of-bounds-read after mis-optimized switch statement
https://notcve.org/view.php?id=CVE-2024-3854
16 Apr 2024 — In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. En algunos patrones de código, el JIT optimizó incorrectamente las declaraciones de cambio y generó código con lecturas fuera de los límites. Esta vulnerabilidad afecta a Firefox < 125 y Firefox ESR < 115.10. The Mozilla Foundation Security Advisory describes this flaw as: In some code patterns the J... • https://bugzilla.mozilla.org/show_bug.cgi?id=1884552 • CWE-125: Out-of-bounds Read •
CVSS: 7.6EPSS: 0%CPEs: 36EXPL: 0CVE-2024-3852 – Mozilla: GetBoundName in the JIT returned the wrong object
https://notcve.org/view.php?id=CVE-2024-3852
16 Apr 2024 — GetBoundName could return the wrong version of an object when JIT optimizations were applied. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. GetBoundName podría devolver la versión incorrecta de un objeto cuando se aplicaron optimizaciones JIT. Esta vulnerabilidad afecta a Firefox < 125 y Firefox ESR < 115.10. The Mozilla Foundation Security Advisory describes this flaw as: GetBoundName could return the wrong version of an object when JIT optimizations were a... • https://bugzilla.mozilla.org/show_bug.cgi?id=1883542 • CWE-386: Symbolic Name not Mapping to Correct Object CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2023-29483 – dnspython: denial of service in stub resolver
https://notcve.org/view.php?id=CVE-2023-29483
11 Apr 2024 — eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm would proceed, within the full time window, in order to wait for a valid packet. NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1. eventlet ant... • https://github.com/eventlet/eventlet/issues/913 • CWE-292: DEPRECATED: Trusting Self-reported DNS Name CWE-696: Incorrect Behavior Order •
CVSS: 8.2EPSS: 0%CPEs: 23EXPL: 1CVE-2024-3446 – Qemu: virtio: dma reentrancy issue leads to double free vulnerability
https://notcve.org/view.php?id=CVE-2024-3446
09 Apr 2024 — A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host. Se encontró una doble vulnerabilidad gratuita en los dispositivos QEMU virtio (virtio-gpu, virtio... • https://github.com/Toxich4/CVE-2024-34469 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2024-29025 – Netty HttpPostRequestDecoder can OOM
https://notcve.org/view.php?id=CVE-2024-29025
25 Mar 2024 — Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `HttpPostRequestDecoder` can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no limits to the number of fields the form can have, an attacher can send a chunked post consisting of many small fields that will be accumulated in the `bodyListHttpData` list. The decoder cumulates bytes in the `undecoded... • https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3 • CWE-770: Allocation of Resources Without Limits or Throttling •