CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-44460
https://notcve.org/view.php?id=CVE-2024-44460
An invalid read size in Nanomq v0.21.9 allows attackers to cause a Denial of Service (DoS). • https://github.com/zzh-newlearner/MQTT_Crash/blob/main/Nanomq_invalid_read.md •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-45182
https://notcve.org/view.php?id=CVE-2024-45182
An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70 An improper bounds check allows specially crafted packets to cause an arbitrary address read, resulting in Denial of Service. • https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/AdvisoryWIBU-94453.pdf https://wibu.com •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7423 – Stream <= 4.0.1 - Cross-Site Request Forgery to Arbitrary Options Update
https://notcve.org/view.php?id=CVE-2024-7423
This makes it possible for unauthenticated attackers to update arbitrary options that can lead to DoS or privilege escalation via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://plugins.trac.wordpress.org/browser/stream/tags/4.0.1/classes/class-network.php#L353 https://plugins.trac.wordpress.org/changeset/3139815/stream/trunk/classes/class-network.php https://www.wordfence.com/threat-intel/vulnerabilities/id/9d15e418-36bb-4f53-ac67-8f6122591dd2?source=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.6EPSS: 0%CPEs: 18EXPL: 0CVE-2024-20304 – Cisco IOS XR Software Packet Memory Exhaustion Vulnerability
https://notcve.org/view.php?id=CVE-2024-20304
A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device. This vulnerability exists because the Mtrace2 code does not properly handle packet memory. ... The affected device would not be able to process higher-level UDP-based protocols packets, possibly causing a denial of service (DoS) condition. Note: This vulnerability can be exploited using IPv4 or IPv6. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pak-mem-exhst-3ke9FeFy • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.4EPSS: 0%CPEs: 30EXPL: 0CVE-2024-20406 – Cisco IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-20406
A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of ingress IS-IS packets. ... A successful exploit could allow the attacker to cause the IS-IS process on all affected devices that are participating in the Flexible Algorithm to crash and restart, resulting in a DoS condition. Note: The IS-IS protocol is a routing protocol. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isis-xehpbVNe • CWE-20: Improper Input Validation •