CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-47173 – Aimeos GraphQL API admin interface denial of service vulnerability in SaaS and marketplace setups
https://notcve.org/view.php?id=CVE-2024-47173
All SaaS and marketplace setups using the Aimeos GraphQL API admin interface version from 2024.04 up to 2024.07.1 are affected by a potential denial of service attack. • https://github.com/aimeos/ai-admin-graphql/security/advisories/GHSA-qxgx-hvg3-v92w • CWE-270: Privilege Context Switching Error •
CVSS: 6.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-9692 – Improper Access Control in Input in VIMESA VHF/FM Transmitter Blue Plus
https://notcve.org/view.php?id=CVE-2024-9692
VIMESA VHF/FM Transmitter Blue Plus is suffering from a Denial-of-Service (DoS) vulnerability. An unauthenticated attacker can issue an unauthorized HTTP GET request to the unprotected endpoint 'doreboot' and restart the transmitter operations. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-298-01 • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2024-6826 – Allocation of Resources Without Limits or Throttling in GitLab
https://notcve.org/view.php?id=CVE-2024-6826
A denial of service could occur via importing a malicious crafted XML manifest file. • https://gitlab.com/gitlab-org/gitlab/-/issues/472928 https://hackerone.com/reports/2571364 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-20526
https://notcve.org/view.php?id=CVE-2024-20526
A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for the SSH server of an affected device. This vulnerability is due to a logic error when an SSH session is established. ... A successful exploit could allow the attacker to exhaust available SSH resources on the affected device so that new SSH connections to the device are denied, resulting in a DoS condition. Existing SSH connections to the device would continue to function normally. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-dos-eEDWu5RM • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.6EPSS: 0%CPEs: 175EXPL: 0CVE-2024-20495
https://notcve.org/view.php?id=CVE-2024-20495
A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to improper validation of client key data after the TLS session is established. ... A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-cZf8gT • CWE-20: Improper Input Validation •