CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-21538
https://notcve.org/view.php?id=CVE-2024-21538
Versions of the package cross-spawn before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. • https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f https://github.com/moxystudio/node-cross-spawn/pull/160 https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-8366349 • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-45759
https://notcve.org/view.php?id=CVE-2024-45759
Dell PowerProtect Data Domain, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an escalation of privilege vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to unauthorized execution of certain commands to overwrite system config of the application. Exploitation may lead to denial of service of system. • https://www.dell.com/support/kbdoc/en-us/000245360/dsa-2024-424-security-update-for-dell-pdsa-2024-424-security-update-for-dell-powerprotect-dd-vulnerabilityowerprotect-dd-vulnerability • CWE-266: Incorrect Privilege Assignment •
CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-27528
https://notcve.org/view.php?id=CVE-2024-27528
wasm3 139076a suffers from Invalid Memory Read, leading to DoS and potential Code Execution. • https://gist.github.com/haruki3hhh/baa757c4af4fefb410d9c74d7a68152e https://github.com/wasm3/wasm3/issues/463 • CWE-125: Out-of-bounds Read •
CVSS: 6.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-35410
https://notcve.org/view.php?id=CVE-2024-35410
This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm file. • https://gist.github.com/haruki3hhh/f686e1d517e8f5d1281b02e633129522 https://github.com/kanaka/wac/issues/17 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-35418
https://notcve.org/view.php?id=CVE-2024-35418
This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm file. • https://gist.github.com/haruki3hhh/29237c52bd0cc30e3cc906f0af221b09 https://github.com/kanaka/wac/issues/19 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •