CVSS: 6.1EPSS: 0%CPEs: 33EXPL: 0CVE-2022-20849 – Cisco IOS XR Software Broadband Network Gateway PPPoE Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20849
A vulnerability in the Broadband Network Gateway PPP over Ethernet (PPPoE) feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the PPPoE process to continually crash. This vulnerability exists because the PPPoE feature does not properly handle an error condition within a specific crafted packet sequence. An attacker could exploit this vulnerability by sending a sequence of specific PPPoE packets from controlled customer premises equipment (CPE). A successful exploit could allow the attacker to cause the PPPoE process to continually restart, resulting in a denial of service condition (DoS).Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.This advisory is part of the September 2022 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see . • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-bng-Gmg5Gxt • CWE-391: Unchecked Error Condition •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 0CVE-2023-20125 – Cisco BroadWorks Network Server TCP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-20125
A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an unauthenticated, remote attacker to exhaust system resources, causing a denial of service (DoS) condition. This vulnerability exists because rate limiting does not occur for certain incoming TCP connections. An attacker could exploit this vulnerability by sending a high rate of TCP connections to the server. ... For more information, see the section of this advisory. Cisco has released software updates that address this vulnerability. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-tcp-dos-KEdJCxLs • CWE-400: Uncontrolled Resource Consumption •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-24426
https://notcve.org/view.php?id=CVE-2024-24426
Reachable assertions in the NGAP_FIND_PROTOCOLIE_BY_ID function of OpenAirInterface Magma v1.8.0 and OAI EPC Federation v1.2.0 allow attackers to cause a Denial of Service (DoS) via a crafted NGAP packet. • https://cellularsecurity.org/ransacked https://github.com/OPENAIRINTERFACE/openair-epc-fed https://github.com/magma/magma •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-24431
https://notcve.org/view.php?id=CVE-2024-24431
A reachable assertion in the ogs_nas_emm_decode function of Open5GS v2.7.0 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet with a zero-length EMM message length. • https://cellularsecurity.org/ransacked https://open5gs.org •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-24447
https://notcve.org/view.php?id=CVE-2024-24447
A buffer overflow in the ngap_amf_handle_pdu_session_resource_setup_response function of oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a PDU Session Resource Setup Response with an empty Response Item list. • https://cellularsecurity.org/ransacked https://openairinterface.org • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •