CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49506 – Fixed temporary file path in aeon-checks allows fixing of disk encryption key
https://notcve.org/view.php?id=CVE-2024-49506
Insecure creation of temporary files allows local users on systems with non-default configurations to cause denial of service or set the encryption key for a filesystem • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-49506 • CWE-377: Insecure Temporary File •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-48989
https://notcve.org/view.php?id=CVE-2024-48989
A vulnerability in the PROFINET stack implementation of the IndraDrive (all versions) of Bosch Rexroth allows an attacker to cause a denial of service, rendering the device unresponsive by sending arbitrary UDP messages. • https://psirt.bosch.com/security-advisories/BOSCH-SA-315415.html • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-8935
https://notcve.org/view.php?id=CVE-2024-8935
CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause a denial of service and loss of confidentiality and integrity of controllers when conducting a Man-In-The-Middle attack between the controller and the engineering workstation while a valid user is establishing a communication session. • https://download.schneider-electric.com/doc/SEVD-2024-317-02/SEVD-2024-317-02.pdf • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-8933
https://notcve.org/view.php?id=CVE-2024-8933
CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause retrieval of password hash that could lead to denial of service and loss of confidentiality and integrity of controllers. • https://download.schneider-electric.com/doc/SEVD-2024-317-02/SEVD-2024-317-02.pdf • CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-37400
https://notcve.org/view.php?id=CVE-2024-37400
An out of bounds read in Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to trigger an infinite loop, causing a denial of service. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs • CWE-125: Out-of-bounds Read •