CVSS: 3.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-22733
https://notcve.org/view.php?id=CVE-2024-22733
TP Link MR200 V4 Firmware version 210201 was discovered to contain a null-pointer-dereference in the web administration panel on /cgi/login via the sign, Action or LoginStatus query parameters which could lead to a denial of service by a local or remote unauthenticated attacker. • https://lenoctambule.dev/post/dos-on-tp-link-web-admin-panel • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-48289
https://notcve.org/view.php?id=CVE-2024-48289
An issue in the Bluetooth Low Energy implementation of Cypress Bluetooth SDK v3.66 allows attackers to cause a Denial of Service (DoS) via supplying a crafted LL_PAUSE_ENC_REQ packet. • https://community.infineon.com/t5/PSoC-4/BLE-SDK-Integer-Overflow/m-p/888037#M49108 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-8185 – Vault Vulnerable to Denial of Service When Processing Raft Join Requests
https://notcve.org/view.php?id=CVE-2024-8185
Vault Community and Vault Enterprise (“Vault”) clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service (DoS) attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vault to consume excessive system memory resources, potentially leading to a crash of the underlying system and the Vault process itself. This vulnerability, CVE-2024-8185, is fixed in Vault Community 1.18.1 and Vault Enterprise 1.18.1, 1.17.8, and 1.16.12. • https://discuss.hashicorp.com/t/hcsec-2024-26-vault-vulnerable-to-denial-of-service-through-memory-exhaustion-when-processing-raft-cluster-join-requests/71047 • CWE-636: Not Failing Securely ('Failing Open') •
CVSS: 8.6EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38286 – Apache Tomcat: Denial of Service
https://notcve.org/view.php?id=CVE-2024-38286
Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. • https://lists.apache.org/thread/wms60cvbsz3fpbz9psxtfx8r41jl6d4s https://access.redhat.com/security/cve/CVE-2024-38286 https://bugzilla.redhat.com/show_bug.cgi?id=2314686 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-33700
https://notcve.org/view.php?id=CVE-2024-33700
The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability within its FTP functionality, enabling attackers to cause a denial of service through a series of malformed FTP commands. This can lead to device reboots and service disruption. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1998 • CWE-20: Improper Input Validation •