CVE-2024-44954 – ALSA: line6: Fix racy access to midibuf
https://notcve.org/view.php?id=CVE-2024-44954
04 Sep 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/643293b68fbb6c03f5e907736498da17d43f0d81 •
CVE-2024-44950 – serial: sc16is7xx: fix invalid FIFO access with special register set
https://notcve.org/view.php?id=CVE-2024-44950
04 Sep 2024 — A local attacker could possibly use this to cause a denial of service. • https://git.kernel.org/stable/c/dfeae619d781dee61666d5551b93ba3be755a86b •
CVE-2024-44948 – x86/mtrr: Check if fixed MTRRs exist before saving them
https://notcve.org/view.php?id=CVE-2024-44948
04 Sep 2024 — An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/2b1f6278d77c1f2f669346fc2bb48012b5e9495a •
CVE-2024-8391 – Eclipse Vert.x gRPC server does not limit the maximum message size
https://notcve.org/view.php?id=CVE-2024-8391
04 Sep 2024 — This may lead to excessive memory consumption in a server or a client, causing a denial of service. • https://github.com/eclipse-vertx/vertx-grpc/issues/113 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2024-45230 – python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()
https://notcve.org/view.php?id=CVE-2024-45230
04 Sep 2024 — The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters. ... Excessive input with a specific sequence of characters may lead to denial of service. • https://docs.djangoproject.com/en/dev/releases/security • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-400: Uncontrolled Resource Consumption •
CVE-2024-8418 – Containers/aardvark-dns: tcp query handling flaw in aardvark-dns leading to denial of service
https://notcve.org/view.php?id=CVE-2024-8418
04 Sep 2024 — They contain a denial of service vulnerability due to serial processing of TCP DNS queries. This flaw allows a malicious client to keep a TCP connection open indefinitely, causing other DNS queries to time out and resulting in a denial of service for all other containers using aardvark-dns. A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. ... This issue prevents ... • https://access.redhat.com/security/cve/CVE-2024-8418 • CWE-400: Uncontrolled Resource Consumption •
CVE-2024-34646
https://notcve.org/view.php?id=CVE-2024-34646
04 Sep 2024 — Improper access control in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to cause local permanent denial of service. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=09 •
CVE-2024-44808
https://notcve.org/view.php?id=CVE-2024-44808
04 Sep 2024 — An issue in Vypor Attack API System v.1.0 allows a remote attacker to execute arbitrary code via the user GET parameter. • https://jacobmasse.medium.com/cve-2024-44808-remote-command-execution-in-vypor-ddos-attack-api-1ed073725595 • CWE-20: Improper Input Validation •
CVE-2024-45506
https://notcve.org/view.php?id=CVE-2024-45506
04 Sep 2024 — HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions, as exploited in the wild in 2024. • http://git.haproxy.org/?p=haproxy-3.0.git%3Ba=commitdiff%3Bh=c725db17e8416ffb3c1537aea756356228ce5e3c •
CVE-2024-45692
https://notcve.org/view.php?id=CVE-2024-45692
04 Sep 2024 — Webmin before 2.202 and Virtualmin before 7.20.2 allow a network traffic loop via spoofed UDP packets on port 10000. • https://cispa.de/en/loop-dos • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •