CVE-2024-43869 – perf: Fix event leak upon exec and file release
https://notcve.org/view.php?id=CVE-2024-43869
21 Aug 2024 — An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/8bffa95ac19ff27c8261904f89d36c7fcf215d59 • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVE-2023-29929
https://notcve.org/view.php?id=CVE-2023-29929
21 Aug 2024 — Buffer Overflow vulnerability found in Kemptechnologies Loadmaster before v.7.2.60.0 allows a remote attacker to cause a denial of service via the libkemplink.so, isreverse library. • https://github.com/YSaxon/CVE-2023-29929 • CWE-787: Out-of-bounds Write •
CVE-2024-43868 – riscv/purgatory: align riscv_kernel_entry
https://notcve.org/view.php?id=CVE-2024-43868
20 Aug 2024 — A local attacker could possibly use this to cause a denial of service. • https://git.kernel.org/stable/c/736e30af583fb6e0e2b8211b894ff99dea0f1ee7 •
CVE-2024-43867 – drm/nouveau: prime: fix refcount underflow
https://notcve.org/view.php?id=CVE-2024-43867
20 Aug 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/ab9ccb96a6e6f95bcde6b8b2a524370efdbfdcd6 •
CVE-2024-43866 – net/mlx5: Always drain health in shutdown callback
https://notcve.org/view.php?id=CVE-2024-43866
20 Aug 2024 — A local attacker could possibly use this to cause a denial of service. • https://git.kernel.org/stable/c/d2aa060d40fa060e963f9a356d43481e43ba3dac • CWE-476: NULL Pointer Dereference •
CVE-2024-43863 – drm/vmwgfx: Fix a deadlock in dma buf fence polling
https://notcve.org/view.php?id=CVE-2024-43863
20 Aug 2024 — An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/2298e804e96eb3635c39519c8287befd92460303 •
CVE-2024-43861 – net: usb: qmi_wwan: fix memory leak for not ip packets
https://notcve.org/view.php?id=CVE-2024-43861
20 Aug 2024 — An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/c6adf77953bcec0ad63d7782479452464e50f7a3 •
CVE-2024-25009 – Ericsson Packet Core Controller (PCC) - Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2024-25009
20 Aug 2024 — Ericsson Packet Core Controller (PCC) contains a vulnerability in Access and Mobility Management Function (AMF) where improper input validation can lead to denial of service which may result in service degradation. • https://www.ericsson.com/en/about-us/security/psirt/security-bulletin-ericsson-packet-core-controller-pcc-august-2024 • CWE-20: Improper Input Validation •
CVE-2024-38808 – CVE-2024-38808: Spring Expression DoS Vulnerability
https://notcve.org/view.php?id=CVE-2024-38808
20 Aug 2024 — In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition. Specifically, an application is vulnerable when the following is true: * The application evaluates user-supplied SpEL expressions. ... A maliciously crafted Spring Expression Language (SpEL) may trigger uncontrolled CPU usage, leading to a ... • https://spring.io/security/cve-2024-38808 • CWE-400: Uncontrolled Resource Consumption • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2024-23184 – dovecot: using a large number of address headers may trigger a denial of service
https://notcve.org/view.php?id=CVE-2024-23184
19 Aug 2024 — This flaw allows a remote attacker to trigger a denial of service. • https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2024/oxdc-adv-2024-0002.json • CWE-770: Allocation of Resources Without Limits or Throttling •