CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38826 – CVE-2024-38826 Cloud Controller Denial of Service Attack
https://notcve.org/view.php?id=CVE-2024-38826
This behavior can potentially be used to run a denial of service attack against Cloud Controller. The Cloud Foundry project recommends upgrading the following releases: * Upgrade capi release version to 1.194.0 or greater * Upgrade cf-deployment version to v44.1.0 or greater. • https://www.cloudfoundry.org/blog/cve-2024-38826-cloud-controller-denial-of-service-attack •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-52532 – libsoup: infinite loop while reading websocket data
https://notcve.org/view.php?id=CVE-2024-52532
The effect will prevent the DCV service from accepting any further connections, leading to a denial of service. • https://gitlab.gnome.org/GNOME/libsoup/-/issues/391 https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/410 https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home https://access.redhat.com/security/cve/CVE-2024-52532 https://bugzilla.redhat.com/show_bug.cgi?id=2325276 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2023-40457
https://notcve.org/view.php?id=CVE-2023-40457
The BGP daemon in Extreme Networks ExtremeXOS (aka EXOS) 30.7.1.1 allows an attacker (who is not on a directly connected network) to cause a denial of service (BGP session reset) because of BGP attribute error mishandling (for attribute 21 and 25). • https://blog.benjojo.co.uk/asset/JgH8G5duO1 https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling https://supportdocs.extremenetworks.com/support/documentation/extremexos-32-5 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21994 – CVE-2024-21994 Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale)
https://notcve.org/view.php?id=CVE-2024-21994
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9 are susceptible to a Denial of Service (DoS) vulnerability. • https://security.netapp.com/advisory/ntap-20241108-0001 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-50591 – Local Privilege Escalation via Command Injection
https://notcve.org/view.php?id=CVE-2024-50591
El Actualizador de software de Elefant (ESU) consta de dos componentes. • https://hasomed.de/produkte/elefant https://r.sec-consult.com/hasomed • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •