CVE-2024-53901
https://notcve.org/view.php?id=CVE-2024-53901
The Imager package before 1.025 for Perl has a heap-based buffer overflow leading to denial of service, or possibly unspecified other impact, when the trim() method is called on a crafted input image. • https://github.com/briandfoy/cpan-security-advisory/issues/167 https://github.com/briandfoy/cpan-security-advisory/issues/171 https://github.com/tonycoz/imager/issues/534 https://metacpan.org/release/TONYC/Imager-1.025/changes • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-41761 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2024-41761
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query. • https://www.ibm.com/support/pages/node/7175947 • CWE-789: Memory Allocation with Excessive Size Value •
CVE-2024-0122
https://notcve.org/view.php?id=CVE-2024-0122
NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an attacker may cause an unauthorized action. A successful exploit of this vulnerability may lead to partial denial of service and confidential information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5570 • CWE-862: Missing Authorization •
CVE-2024-0138
https://notcve.org/view.php?id=CVE-2024-0138
A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5595 • CWE-862: Missing Authorization •
CVE-2024-52804 – Tornado has HTTP cookie parsing DoS vulnerability
https://notcve.org/view.php?id=CVE-2024-52804
This parsing occurs in the event loop thread and may block the processing of other requests. • https://github.com/advisories/GHSA-7pwv-g7hj-39pr https://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533 https://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •