CVE-2024-47827 – Argo Workflows Controller: Denial of Service via malicious daemon Workflows
https://notcve.org/view.php?id=CVE-2024-47827
28 Oct 2024 — Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the Argo Workflows controller can be made to crash on command by any user with access to execute a workflow. This vulnerability is fixed in 3.6.0-rc2. • https://github.com/argoproj/argo-workflows/blob/ce7f9bfb9b45f009b3e85fabe5e6410de23c7c5f/workflow/metrics/metrics_k8s_request.go#L75 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-1108: Excessive Reliance on Global Variables •
CVE-2024-45802 – Squid Denial of Service
https://notcve.org/view.php?id=CVE-2024-45802
28 Oct 2024 — Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. ... Due to input validation and resource management issues, a denial of service may be triggered during the processing of certain Edge Side Includes (ESI) response content. • https://github.com/squid-cache/squid/security/advisories/GHSA-f975-v7qw-q7hj • CWE-20: Improper Input Validation •
CVE-2024-49761 – REXML ReDoS vulnerability
https://notcve.org/view.php?id=CVE-2024-49761
28 Oct 2024 — .;`) can trigger a regular expression denial of service (ReDoS) condition, leading to a denial of service. An update for the ruby:2.5 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a denial of service vulnerability. • https://github.com/ruby/rexml/commit/ce59f2eb1aeb371fe1643414f06618dbe031979f • CWE-1333: Inefficient Regular Expression Complexity •
CVE-2024-34537
https://notcve.org/view.php?id=CVE-2024-34537
28 Oct 2024 — TYPO3 before 13.3.1 allows denial of service (interface error) in the Bookmark Toolbar (ext:backend), exploitable by an administrator-level backend user account via manipulated data saved in the bookmark toolbar of the backend user interface. • https://www.mgm-sp.com/cve/denial-of-service-in-typo3-bookmark-toolbar •
CVE-2024-50612 – libsndfile: Segmentation fault error in ogg_vorbis.c:417 vorbis_analysis_wrote()
https://notcve.org/view.php?id=CVE-2024-50612
27 Oct 2024 — A specially crafted input file may trigger an out-of-bounds read, leading to memory corruption and a denial of service. • https://github.com/libsndfile/libsndfile/issues/1035 • CWE-125: Out-of-bounds Read •
CVE-2024-50602 – libexpat: expat: DoS via XML_ResumeParser
https://notcve.org/view.php?id=CVE-2024-50602
27 Oct 2024 — A crash can be triggered in the XML_ResumeParser function due to XML_StopParser's ability to stop or suspend an unstarted parser, which can lead to a denial of service. ... An attacker could use this issue to cause a denial of service. • https://github.com/libexpat/libexpat/pull/915 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2020-26311 – GHSL-2020-312: Regular Expression Denial of Service (ReDoS) in useragent
https://notcve.org/view.php?id=CVE-2020-26311
26 Oct 2024 — All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). • https://github.com/3rd-Eden/useragent/issues/167 • CWE-1333: Inefficient Regular Expression Complexity •
CVE-2020-26310 – GHSL-2020-305: Regular Expression Denial of Service (ReDoS) in Pure JavaScript HTML5 Parser
https://notcve.org/view.php?id=CVE-2020-26310
26 Oct 2024 — All versions as of 30 November 2020 contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). • https://github.com/blowsie/Pure-JavaScript-HTML5-Parser/issues/14 • CWE-1333: Inefficient Regular Expression Complexity •
CVE-2020-26309 – GHSL-2020-303: Regular Expression Denial of Service (ReDoS) in nope-validator
https://notcve.org/view.php?id=CVE-2020-26309
26 Oct 2024 — Versions 0.11.3 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). • https://github.com/ftonato/nope-validator/issues/352 • CWE-1333: Inefficient Regular Expression Complexity •
CVE-2020-26308 – GHSL-2020-302: Regular Expression Denial of Service (ReDoS) in validate.js
https://notcve.org/view.php?id=CVE-2020-26308
26 Oct 2024 — Versions 0.13.1 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). • https://github.com/ansman/validate.js/issues/342 • CWE-1333: Inefficient Regular Expression Complexity •