CVSS: 6.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-35418
https://notcve.org/view.php?id=CVE-2024-35418
This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm file. • https://gist.github.com/haruki3hhh/29237c52bd0cc30e3cc906f0af221b09 https://github.com/kanaka/wac/issues/19 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-35419
https://notcve.org/view.php?id=CVE-2024-35419
This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm file. • https://gist.github.com/haruki3hhh/8b9e1922083abef33a9024017eb2b9fe https://github.com/kanaka/wac/issues/18 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-27527
https://notcve.org/view.php?id=CVE-2024-27527
wasm3 139076a is vulnerable to Denial of Service (DoS). • https://gist.github.com/haruki3hhh/5d2f3a216457aeef9f40331aca33be6e https://github.com/wasm3/wasm3/issues/464 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47072 – XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream
https://notcve.org/view.php?id=CVE-2024-47072
This vulnerability may allow a remote attacker to terminate the application with a stack overflow error resulting in a denial of service only by manipulating the processed input stream when XStream is configured to use the BinaryStreamDriver. • https://github.com/x-stream/xstream/commit/bb838ce2269cac47433e31c77b2b236466e9f266 https://github.com/x-stream/xstream/security/advisories/GHSA-hfq9-hggm-c56q https://x-stream.github.io/CVE-2024-47072.html • CWE-121: Stack-based Buffer Overflow CWE-502: Deserialization of Untrusted Data •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-50163 – bpf: Make sure internal and UAPI bpf_redirect flags don't overlap
https://notcve.org/view.php?id=CVE-2024-50163
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: Asegúrese de que los indicadores bpf_redirect internos y de UAPI no se superpongan El bpf_redirect_info se comparte entre las rutas de redireccionamiento de SKB y XDP, y las dos rutas usan los mismos valores de indicador numérico en el campo ri->flags (específicamente, BPF_F_BROADCAST == BPF_F_NEXTHOP). • https://git.kernel.org/stable/c/e624d4ed4aa8cc3c69d1359b0aaea539203ed266 https://git.kernel.org/stable/c/4e1e428533845d48828bd3875c0e92e8565b9962 https://git.kernel.org/stable/c/314dbee9fe4f5cee36435465de52c988d7caa466 https://git.kernel.org/stable/c/0fca5ed4be8e8bfbfb9bd97845af596bab7192d3 https://git.kernel.org/stable/c/cec288e05ceac9a0d3a3a1fd279534b11844c826 https://git.kernel.org/stable/c/09d88791c7cd888d5195c84733caf9183dcfbd16 •