CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0CVE-2024-43083
https://notcve.org/view.php?id=CVE-2024-43083
In validate of WifiConfigurationUtil.java , there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. • https://android.googlesource.com/platform/packages/modules/Wifi/+/62f61e19524e9a55cadd1116c9448ff34b977e50 https://source.android.com/security/bulletin/2024-11-01 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49506 – Fixed temporary file path in aeon-checks allows fixing of disk encryption key
https://notcve.org/view.php?id=CVE-2024-49506
Insecure creation of temporary files allows local users on systems with non-default configurations to cause denial of service or set the encryption key for a filesystem • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-49506 • CWE-377: Insecure Temporary File •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-48989
https://notcve.org/view.php?id=CVE-2024-48989
A vulnerability in the PROFINET stack implementation of the IndraDrive (all versions) of Bosch Rexroth allows an attacker to cause a denial of service, rendering the device unresponsive by sending arbitrary UDP messages. • https://psirt.bosch.com/security-advisories/BOSCH-SA-315415.html • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-8935
https://notcve.org/view.php?id=CVE-2024-8935
CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause a denial of service and loss of confidentiality and integrity of controllers when conducting a Man-In-The-Middle attack between the controller and the engineering workstation while a valid user is establishing a communication session. • https://download.schneider-electric.com/doc/SEVD-2024-317-02/SEVD-2024-317-02.pdf • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-8933
https://notcve.org/view.php?id=CVE-2024-8933
CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause retrieval of password hash that could lead to denial of service and loss of confidentiality and integrity of controllers. • https://download.schneider-electric.com/doc/SEVD-2024-317-02/SEVD-2024-317-02.pdf • CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel •