CVSS: 8.5EPSS: 0%CPEs: 36EXPL: 0CVE-2024-43390 – Phoenix Contact: Firewall reconfiguration due to improper input validation in MGUARD devices
https://notcve.org/view.php?id=CVE-2024-43390
10 Sep 2024 — A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS. • https://cert.vde.com/en/advisories/VDE-2024-039 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 8.5EPSS: 0%CPEs: 36EXPL: 0CVE-2024-43389 – Phoenix Contact: OSPF reconfiguration due to improper input validation in MGUARD devices
https://notcve.org/view.php?id=CVE-2024-43389
10 Sep 2024 — A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS. • https://cert.vde.com/en/advisories/VDE-2024-039 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2024-45285 – Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform
https://notcve.org/view.php?id=CVE-2024-45285
10 Sep 2024 — The RFC enabled function module allows a low privileged user to perform denial of service on any user and also change or delete favourite nodes. • https://me.sap.com/notes/3488039 • CWE-862: Missing Authorization •
CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-25073
https://notcve.org/view.php?id=CVE-2024-25073
10 Sep 2024 — The baseband software does not properly check a pointer specified by the CC (Call Control module), which can lead to Denial of Service (Untrusted Pointer Dereference). ... The baseband software does not properly check a pointer specified by the CC (Call Control module), which can lead to Denial of Service (Untrusted Pointer Dereference). • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-25074
https://notcve.org/view.php?id=CVE-2024-25074
10 Sep 2024 — The baseband software does not properly check a pointer specified by the SM (Session Management module), which can lead to Denial of Service (Untrusted Pointer Dereference). ... The baseband software does not properly check a pointer specified by the SM (Session Management module), which can lead to Denial of Service (Untrusted Pointer Dereference). • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-43466 – Microsoft SharePoint Server Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-43466
10 Sep 2024 — Microsoft SharePoint Server Denial of Service Vulnerability This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft SharePoint. ... An attacker can leverage this vulnerability to create a denial-of-service condition on the system. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43466 • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42500
https://notcve.org/view.php?id=CVE-2024-42500
09 Sep 2024 — HPE has identified a denial of service vulnerability in HPE HP-UX System's Network File System (NFSv4) services. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04697en_us&docLocale=en_US •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45296 – path-to-regexp outputs backtracking regular expressions
https://notcve.org/view.php?id=CVE-2024-45296
09 Sep 2024 — Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a DoS. The bad regular expression is generated any time you have two parameters within a single segment, separated by something that is not a period (.). ... Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS). ... ... • https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40680 – IBM MQ denial of service
https://notcve.org/view.php?id=CVE-2024-40680
07 Sep 2024 — IBM MQ Operator 2.0.26 and 3.2.4 could allow a local user to cause a denial of service due to improper memory allocation causing a segmentation fault. IBM MQ 9.3 CD and 9.4 LTS/CD could allow a local user to cause a denial of service due to improper memory allocation causing a segmentation fault. • https://exchange.xforce.ibmcloud.com/vulnerabilities/297611 • CWE-789: Memory Allocation with Excessive Size Value •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-51368 – QTS, QuTS hero
https://notcve.org/view.php?id=CVE-2023-51368
06 Sep 2024 — If exploited, the vulnerability could allow users to launch a denial-of-service (DoS) attack via a network. ... If exploited, the vulnerability could allow users to launch a denial-of-service (DoS) attack via a network. • https://www.qnap.com/en/security-advisory/qsa-24-20 • CWE-476: NULL Pointer Dereference •