CVE-2024-7587 – Information Disclosure, Information Tampering and Denial of Service (DoS) Vulnerability in GENESIS64 and MC Works64
https://notcve.org/view.php?id=CVE-2024-7587
Incorrect Default Permissions vulnerability in GenBroker32, which is included in the installers for ICONICS GENESIS64 version 10.97.3 and prior, Mitsubishi Electric GENESIS64 version 10.97.3 and prior, and Mitsubishi Electric MC Works64 all versions, allows a local authenticated attacker to disclose or tamper with confidential information and data contained in the products, or cause a denial of service (DoS) condition on the products, by accessing a folder with incorrect permissions, when GenBroker32 is installed on the same PC as GENESIS64 or MC Works64. • https://jvn.jp/vu/JVNVU95548104 https://www.cisa.gov/news-events/ics-advisories/icsa-24-296-01 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-008_en.pdf • CWE-276: Incorrect Default Permissions
CVE-2024-50311 – GraphQL: Denial of Service (DoS) Vulnerability via GraphQL Batching
https://notcve.org/view.php?id=CVE-2024-50311
A denial of service (DoS) vulnerability was found in OpenShift. ... The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to submit a request containing thousands of aliases in one query. • https://access.redhat.com/security/cve/CVE-2024-50311 https://bugzilla.redhat.com/show_bug.cgi?id=2319379 • CWE-400: Uncontrolled Resource Consumption
CVE-2024-40493
https://notcve.org/view.php?id=CVE-2024-40493
Null Pointer Dereference in `coap_client_exchange_blockwise2` function in Keith Cullen FreeCoAP 1.0 allows remote attackers to cause a denial of service and potentially execute arbitrary code via a specially crafted CoAP packet that causes `coap_msg_get_payload(resp)` to return a null pointer, which is then dereferenced in a call to `memcpy`. • https://gist.github.com/dqp10515/fe80005e2fb58ed8ada178ac017e4ad4 https://github.com/keith-cullen/FreeCoAP/issues/37 • CWE-476: NULL Pointer Dereference
CVE-2024-31029
https://notcve.org/view.php?id=CVE-2024-31029
An issue in the `server_handle_regular` function of the `test_coap_server.c` file within the FreeCoAP project allows remote attackers to cause a Denial of Service through specially crafted packets. • https://gist.github.com/dqp10515/41ec400b7eecfcae7578d505598ab85f https://github.com/keith-cullen/FreeCoAP/issues/36 • CWE-125: Out-of-bounds Read
CVE-2024-40494
https://notcve.org/view.php?id=CVE-2024-40494
Buffer Overflow in `coap_msg.c` in FreeCoAP allows remote attackers to execute arbitrary code or cause a denial of service (stack buffer overflow) via a crafted packet. • https://gist.github.com/dqp10515/e9d7d663cb89187bfe7b39bb3aeb0113 https://github.com/dqp10515/security/tree/main/FreeCoAP_bug • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')