CVE-2024-44331
https://notcve.org/view.php?id=CVE-2024-44331
Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c allows remote attackers to cause a denial of service via a series of specially crafted hexstream requests. • https://gist.github.com/dqp10515/c6a8879bebe92d8c74f7c52667fd3400 https://github.com/dqp10515/security/tree/main/gst-rtsp-server_bug/bug1 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-49974 – NFSD: Limit the number of concurrent async COPY operations
https://notcve.org/view.php?id=CVE-2024-49974
Thus IMO async COPY can become a DoS vector. Add a restriction mechanism that bounds the number of concurrent background COPY operations. • https://git.kernel.org/stable/c/b4e21431a0db4854b5023cd5af001be557e6c3db https://git.kernel.org/stable/c/6a488ad7745b8f64625c6d3a24ce7e448e83f11b https://git.kernel.org/stable/c/aadc3bbea163b6caaaebfdd2b6c4667fbc726752 •
CVE-2024-31007
https://notcve.org/view.php?id=CVE-2024-31007
Buffer Overflow vulnerability in IrfanView 32bit v.4.66 allows a local attacker to cause a denial of service via a crafted file. • https://github.com/kirito999/IrfanViewBug https://www.fosshub.com/IrfanView.html?dwl=iview466_setup.exe https://www.fosshub.com/IrfanView.html?dwl=iview466_plugins.zip https://mediaside.net/irfanview-italia/2024/04/12/4-67-data-di-rilascio-5-aprile-2024 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-21536
https://notcve.org/view.php?id=CVE-2024-21536
Versions of the package http-proxy-middleware before 2.0.7, from 3.0.0 and before 3.0.3 are vulnerable to Denial of Service (DoS) due to an UnhandledPromiseRejection error thrown by micromatch. • https://gist.github.com/mhassan1/28be67266d82a53708ed59ce5dc3c94a https://github.com/chimurai/http-proxy-middleware/commit/0b4274e8cc9e9a2c5a06f35fbf456ccfcebc55a5 https://github.com/chimurai/http-proxy-middleware/commit/788b21e4aff38332d6319557d4a5b1b13b1f9a22 https://security.snyk.io/vuln/SNYK-JS-HTTPPROXYMIDDLEWARE-8229906 • CWE-400: Uncontrolled Resource Consumption •
CVE-2024-7316 – Denial of Service (DoS) Vulnerability in Mitsubishi Electric CNC Series
https://notcve.org/view.php?id=CVE-2024-7316
Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition on the product by sending specially crafted packets to TCP port 683, causing an emergency stop. • https://jvn.jp/vu/JVNVU92054409/index.html https://www.cisa.gov/news-events/ics-advisories/icsa-24-291-03 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-007_en.pdf • CWE-1284: Improper Validation of Specified Quantity in Input •