CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-43806 – `rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion
https://notcve.org/view.php?id=CVE-2024-43806
If successful, the application host will quickly run out of memory, after which the application will likely be terminated by an OOM killer, leading to denial of service. • https://github.com/bytecodealliance/rustix/security/advisories/GHSA-c827-hfw6-qwvm https://github.com/imsnif/bandwhich/issues/284 • CWE-400: Uncontrolled Resource Consumption •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-28077
https://notcve.org/view.php?id=CVE-2024-28077
A denial-of-service issue was discovered on certain GL-iNet devices. • https://gl-inet.com https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Denial%20of%20service.md •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-41285
https://notcve.org/view.php?id=CVE-2024-41285
A stack overflow in FAST FW300R v1.3.13 Build 141023 Rel.61347n allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted file path. • https://gist.github.com/Giles-one/834b2becd7abebc3cabea0484301d149 https://github.com/Giles-one/FW300RouterCrack https://www.fastcom.com.cn/product-8.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43939 – WordPress Z Y N I T H plugin <= 7.4.9 - Unauthenticated Arbitrary Option Deletion vulnerability
https://notcve.org/view.php?id=CVE-2024-43939
The Zynith SEO plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on a function in all versions up to, and including, 7.4.9. • https://patchstack.com/database/vulnerability/zynith-seo/wordpress-z-y-n-i-t-h-plugin-7-4-9-unauthenticated-arbitrary-option-deletion-vulnerability?_s_id=cve • CWE-862: Missing Authorization •
CVSS: 8.7EPSS: 0%CPEs: 5EXPL: 0CVE-2024-8088 – Infinite loop when iterating over zip archive entry names from zipfile.Path
https://notcve.org/view.php?id=CVE-2024-8088
This flaw allows an attacker to craft a malicious ZIP archive, leading to a denial of service from the application consuming the zipfile module. • https://mail.python.org/archives/list/security-announce@python.org/thread/GNFCKVI4TCATKQLALJ5SN4L4CSPSMILU https://github.com/python/cpython/pull/122906 https://github.com/python/cpython/issues/122905 https://github.com/python/cpython/commit/795f2597a4be988e2bb19b69ff9958e981cb894e https://github.com/python/cpython/commit/8c7348939d8a3ecd79d630075f6be1b0c5b41f64 https://github.com/python/cpython/commit/dcc5182f27c1500006a1ef78e10613bb45788dea https://github.com/python/cpython/commit/e0264a61119d551658d9445af38323ba94fc16db https://github.com/python/cp • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •