CVSS: 4.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-47909
https://notcve.org/view.php?id=CVE-2024-47909
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-47907
https://notcve.org/view.php?id=CVE-2024-47907
A stack-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs • CWE-121: Stack-based Buffer Overflow •
CVSS: 4.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-47905
https://notcve.org/view.php?id=CVE-2024-47905
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47535 – Denial of Service attack on windows app using Netty
https://notcve.org/view.php?id=CVE-2024-47535
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. • https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3 https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-50321 – Ivanti Avalanche WLAvalancheService TV_FP Infinite Loop Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-50321
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WLAvalancheService service, which listens on TCP port 1777 by default. The issue results from a lack of a proper exit condition in a loop. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-Multiple-CVEs-Q4-2024-Release • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •