CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-41434
https://notcve.org/view.php?id=CVE-2024-41434
This allows attackers to cause a Denial of Service (DoS) via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the return type. • https://gist.github.com/ycybfhb/4aa6809695b9e8a1cd1429e597c17517 https://github.com/pingcap/tidb/issues/53733 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-41433
https://notcve.org/view.php?id=CVE-2024-41433
This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. • https://github.com/pingcap/tidb/issues/53796 https://gist.github.com/ycybfhb/eec3a1eefe4c85eb22f1bca6114359a1 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45311 – Denial of service in quinn-proto when using `Endpoint::retry()`
https://notcve.org/view.php?id=CVE-2024-45311
This issue can go undetected until a server's `refuse()`/`ignore()` code path is exercised, such as to stop a denial of service attack. 2. • https://github.com/quinn-rs/quinn/security/advisories/GHSA-vr26-jcq5-fjj8 https://github.com/quinn-rs/quinn/commit/e01609ccd8738bd438d86fa7185a0f85598cb58f https://github.com/quinn-rs/quinn/blob/bb02a12a8435a7732a1d762783eeacbb7e50418e/quinn-proto/src/endpoint.rs#L213 • CWE-670: Always-Incorrect Control Flow Implementation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45308 – MySQL & free URL mode allows to hide existing notes in hedgedoc
https://notcve.org/view.php?id=CVE-2024-45308
Attackers can also use this issue to prevent access to the original note, causing a denial of service. • https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-pjf2-269h-cx7p https://github.com/hedgedoc/hedgedoc/commit/380587b7fd65bc1eb71eef51a3aab324f9877650 • CWE-1289: Improper Validation of Unsafe Equivalence in Input •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-33057 – Buffer Over-read in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-33057
Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-126: Buffer Over-read •