CVSS: 5.0EPSS: 0%CPEs: -EXPL: 0CVE-2023-20510
https://notcve.org/view.php?id=CVE-2023-20510
13 Aug 2024 — An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html •
CVSS: 5.0EPSS: 0%CPEs: 14EXPL: 0CVE-2021-46772
https://notcve.org/view.php?id=CVE-2021-46772
13 Aug 2024 — Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service. Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, po... • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.2EPSS: 0%CPEs: 7EXPL: 0CVE-2021-46746
https://notcve.org/view.php?id=CVE-2021-46746
13 Aug 2024 — Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-based buffer overrun, potentially leading to a denial of service. Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-bas... • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-6619 – Incorrect Permission Assignment for Critical Resource in Ocean Data Systems Dream Report
https://notcve.org/view.php?id=CVE-2024-6619
13 Aug 2024 — In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-226-08 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 2CVE-2024-6768 – Denial of Service in CLFS.sys
https://notcve.org/view.php?id=CVE-2024-6768
12 Aug 2024 — A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function. • https://packetstorm.news/files/id/180132 • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-42258 – mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines
https://notcve.org/view.php?id=CVE-2024-42258
12 Aug 2024 — A local attacker could possibly use this to cause a denial of service. • https://git.kernel.org/stable/c/87632bc9ecff5ded93433bc0fca428019bdd1cfe •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36462 – Allocation of resources without limits or throttling (uncontrolled resource consumption)
https://notcve.org/view.php?id=CVE-2024-36462
09 Aug 2024 — This can cause a denial-of-service (DoS) attack or degrade the performance of the affected system. • https://support.zabbix.com/browse/ZBX-25019 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0115
https://notcve.org/view.php?id=CVE-2024-0115
09 Aug 2024 — A successful exploit of this vulnerability may lead to denial of service and data loss. • https://nvidia.custhelp.com/app/answers/detail/a_id/5560 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38989
https://notcve.org/view.php?id=CVE-2024-38989
09 Aug 2024 — This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. • https://gist.github.com/mestrtee/5e9830fb180a34d65f04fafb52d2b94b • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37826
https://notcve.org/view.php?id=CVE-2024-37826
09 Aug 2024 — A NULL pointer dereference in vercot Serva v4.6.0 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. • https://gist.github.com/Evian-Zhang/4453e7ac0da7cfa421c76c5ab514dba4 • CWE-476: NULL Pointer Dereference •