CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-52532 – libsoup: infinite loop while reading websocket data
https://notcve.org/view.php?id=CVE-2024-52532
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients. ... This issue makes it possible to cause the loop to run indefinitely by sending a continuous stream of data to it. The effect will prevent the DCV service from accepting any further connections, leading to a denial of service. • https://gitlab.gnome.org/GNOME/libsoup/-/issues/391 https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/410 https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home https://access.redhat.com/security/cve/CVE-2024-52532 https://bugzilla.redhat.com/show_bug.cgi?id=2325276 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2023-40457
https://notcve.org/view.php?id=CVE-2023-40457
The BGP daemon in Extreme Networks ExtremeXOS (aka EXOS) 30.7.1.1 allows an attacker (who is not on a directly connected network) to cause a denial of service (BGP session reset) because of BGP attribute error mishandling (for attribute 21 and 25). NOTE: the vendor disputes this because it is "evaluating support for RFC 7606 as a future feature" and believes that "customers that have chosen to not require or implement RFC 7606 have done so willingly and with knowledge of what is needed to defend against these types of attacks." • https://blog.benjojo.co.uk/asset/JgH8G5duO1 https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling https://supportdocs.extremenetworks.com/support/documentation/extremexos-32-5 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21994 – CVE-2024-21994 Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale)
https://notcve.org/view.php?id=CVE-2024-21994
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9 are susceptible to a Denial of Service (DoS) vulnerability. Successful exploit by an authenticated attacker could lead to a service crash. • https://security.netapp.com/advisory/ntap-20241108-0001 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-50591 – Local Privilege Escalation via Command Injection
https://notcve.org/view.php?id=CVE-2024-50591
The command injection can be exploited by communicating with the Elefant Update Service which is running as "SYSTEM" via Windows Named Pipes.The Elefant Software Updater (ESU) consists of two components. An ESU service which runs as "NT AUTHORITY\SYSTEM" and an ESU tray client which communicates with the service to update or repair the installation and is running with user permissions. ... A crafted message of type "MessageType.SupportServiceInfos" can be sent to the local ESU service to inject commands, which are then executed as "NT AUTHORITY\SYSTEM". ... El Actualizador de software de Elefant (ESU) consta de dos componentes. Un servicio ESU que se ejecuta como "NT AUTHORITY\SYSTEM" y un cliente de bandeja de ESU que se comunica con el servicio para actualizar o reparar la instalación y se ejecuta con permisos de usuario. • https://hasomed.de/produkte/elefant https://r.sec-consult.com/hasomed • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-50590 – Local Privilege Escalation via Weak Service Binary Permissions
https://notcve.org/view.php?id=CVE-2024-50590
Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissions. The default installation directory of Elefant is "C:\Elefant1" which is writable for all users. ... This means that a local attacker can rename one of the service binaries, replace the service executable with a new executable, and then restart the system. ... Los atacantes con acceso local al equipo del consultorio médico pueden escalar sus privilegios de usuario de Windows a "NT AUTHORITY\SYSTEM" sobrescribiendo uno de los dos binarios de servicio de Elefant con permisos débiles. ... Además, el instalador de Elefant registra dos servicios de base de datos de Firebird que se ejecutan como "NT AUTHORITY\SYSTEM". • https://hasomed.de/produkte/elefant https://r.sec-consult.com/hasomed • CWE-250: Execution with Unnecessary Privileges CWE-276: Incorrect Default Permissions CWE-732: Incorrect Permission Assignment for Critical Resource •