CVSS: 6.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-3447 – Qemu: sdhci: heap buffer overflow in sdhci_write_dataport()
https://notcve.org/view.php?id=CVE-2024-3447
A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. • https://access.redhat.com/security/cve/CVE-2024-3447 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58813 https://bugzilla.redhat.com/show_bug.cgi?id=2274123 https://patchew.org/QEMU/20240404085549.16987-1-philmd@linaro.org • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.7EPSS: 0%CPEs: 3EXPL: 0CVE-2024-2550 – PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway Using a Specially Crafted Packet
https://notcve.org/view.php?id=CVE-2024-2550
A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. ... Una vulnerabilidad de desreferencia de puntero nulo en la puerta de enlace GlobalProtect del software PAN-OS de Palo Alto Networks permite que un atacante no autenticado detenga el servicio GlobalProtect en el firewall mediante el envío de un paquete especialmente manipulado que provoca una condición de denegación de servicio (DoS). • https://security.paloaltonetworks.com/CVE-2024-2550 • CWE-476: NULL Pointer Dereference •
CVSS: 8.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-2551 – PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet
https://notcve.org/view.php?id=CVE-2024-2551
A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. ... Una vulnerabilidad de desreferencia de puntero nulo en el software PAN-OS de Palo Alto Networks permite a un atacante no autenticado detener un servicio central del sistema en el firewall mediante el envío de un paquete manipulado a través del plano de datos que provoca una condición de denegación de servicio (DoS). • https://security.paloaltonetworks.com/CVE-2024-2551 • CWE-476: NULL Pointer Dereference •
CVSS: 8.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-9472 – PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Traffic
https://notcve.org/view.php?id=CVE-2024-9472
A null pointer dereference in Palo Alto Networks PAN-OS software on PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series hardware platforms when Decryption policy is enabled allows an unauthenticated attacker to crash PAN-OS by sending specific traffic through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode. Palo Alto Networks VM-Series, Cloud NGFW, and Prisma Access are not affected. This issue only affects PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series running these specific versions of PAN-OS: * 10.2.7-h12 * 10.2.8-h10 * 10.2.9-h9 * 10.2.9-h11 * 10.2.10-h2 * 10.2.10-h3 * 10.2.11 * 10.2.11-h1 * 10.2.11-h2 * 10.2.11-h3 * 11.1.2-h9 * 11.1.2-h12 * 11.1.3-h2 * 11.1.3-h4 * 11.1.3-h6 * 11.2.2 * 11.2.2-h1 Una desreferencia de puntero nulo en el software PAN-OS de Palo Alto Networks en las plataformas de hardware de las series PA-800, PA-3200, PA-5200 y PA-7000 cuando la política de descifrado está habilitada permite que un atacante no autenticado bloquee PAN-OS mediante el envío de tráfico específico a través del plano de datos, lo que genera una condición de denegación de servicio (DoS). • https://security.paloaltonetworks.com/CVE-2024-9472 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-41209
https://notcve.org/view.php?id=CVE-2024-41209
A heap-based buffer overflow in tsMuxer version nightly-2024-03-14-01-51-12 allows attackers to cause Denial of Service (DoS) and Code Execution via a crafted MOV video file. • https://github.com/justdan96/tsMuxer/issues/841 https://ricercasecurity.blogspot.com/2024/10/rezzuf0-day-cve-2024-41209.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •