CVE-2024-47939
https://notcve.org/view.php?id=CVE-2024-47939
If this vulnerability is exploited, receiving a specially crafted request created and sent by an attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition. As for the details of affected product names and versions, refer to the information provided by the vendor under [References]. • https://jp.ricoh.com/security/products/vulnerabilities/vul?id=ricoh-2024-000011 https://jvn.jp/en/jp/JVN87770340 https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000011 • CWE-121: Stack-based Buffer Overflow •
CVE-2024-22733
https://notcve.org/view.php?id=CVE-2024-22733
TP Link MR200 V4 Firmware version 210201 was discovered to contain a null-pointer-dereference in the web administration panel on /cgi/login via the sign, Action or LoginStatus query parameters which could lead to a denial of service by a local or remote unauthenticated attacker. • https://lenoctambule.dev/post/dos-on-tp-link-web-admin-panel • CWE-476: NULL Pointer Dereference •
CVE-2024-48289
https://notcve.org/view.php?id=CVE-2024-48289
An issue in the Bluetooth Low Energy implementation of Cypress Bluetooth SDK v3.66 allows attackers to cause a Denial of Service (DoS) via supplying a crafted LL_PAUSE_ENC_REQ packet. • https://community.infineon.com/t5/PSoC-4/BLE-SDK-Integer-Overflow/m-p/888037#M49108 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-8185 – Vault Vulnerable to Denial of Service When Processing Raft Join Requests
https://notcve.org/view.php?id=CVE-2024-8185
Vault Community and Vault Enterprise (“Vault”) clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service (DoS) attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vault to consume excessive system memory resources, potentially leading to a crash of the underlying system and the Vault process itself. This vulnerability, CVE-2024-8185, is fixed in Vault Community 1.18.1 and Vault Enterprise 1.18.1, 1.17.8, and 1.16.12. • https://discuss.hashicorp.com/t/hcsec-2024-26-vault-vulnerable-to-denial-of-service-through-memory-exhaustion-when-processing-raft-cluster-join-requests/71047 • CWE-636: Not Failing Securely ('Failing Open') •
CVE-2024-38286 – Apache Tomcat: Denial of Service
https://notcve.org/view.php?id=CVE-2024-38286
Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. • https://lists.apache.org/thread/wms60cvbsz3fpbz9psxtfx8r41jl6d4s https://access.redhat.com/security/cve/CVE-2024-38286 https://bugzilla.redhat.com/show_bug.cgi?id=2314686 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •