CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-44297
https://notcve.org/view.php?id=CVE-2024-44297
Processing a maliciously crafted message may lead to a denial-of-service. • https://support.apple.com/en-us/121563 https://support.apple.com/en-us/121565 https://support.apple.com/en-us/121566 https://support.apple.com/en-us/121567 https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121569 https://support.apple.com/en-us/121570 •
CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47827 – Argo Workflows Controller: Denial of Service via malicious daemon Workflows
https://notcve.org/view.php?id=CVE-2024-47827
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the argo workflows controller can be made to crash on-command by any user with access to execute a workflow. This vulnerability is fixed in 3.6.0-rc2. • https://github.com/argoproj/argo-workflows/blob/ce7f9bfb9b45f009b3e85fabe5e6410de23c7c5f/workflow/metrics/metrics_k8s_request.go#L75 https://github.com/argoproj/argo-workflows/commit/524406451f4dfa57bf3371fb85becdb56a2b309a https://github.com/argoproj/argo-workflows/pull/13641 https://github.com/argoproj/argo-workflows/security/advisories/GHSA-ghjw-32xw-ffwr • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-1108: Excessive Reliance on Global Variables •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45802 – Squid Denial of Service
https://notcve.org/view.php?id=CVE-2024-45802
Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This bug is fixed in the default build configuration of Squid version 6.10. ... Due to input validation and resource management issues, a denial of service may be triggered during the processing of certain Edge Side Includes (ESI) response content. • https://github.com/squid-cache/squid/security/advisories/GHSA-f975-v7qw-q7hj https://access.redhat.com/security/cve/CVE-2024-45802 https://bugzilla.redhat.com/show_bug.cgi?id=2322154 • CWE-20: Improper Input Validation •
CVSS: 4.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-34537
https://notcve.org/view.php?id=CVE-2024-34537
TYPO3 before 13.3.1 allows denial of service (interface error) in the Bookmark Toolbar (ext:backend), exploitable by an administrator-level backend user account via manipulated data saved in the bookmark toolbar of the backend user interface. • https://github.com/TYPO3/typo3/security/advisories/GHSA-ffcv-v6pw-qhrp https://typo3.org/security/advisory/typo3-core-sa-2024-011 https://www.mgm-sp.com/cve/denial-of-service-in-typo3-bookmark-toolbar •
CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-50602 – libexpat: expat: DoS via XML_ResumeParser
https://notcve.org/view.php?id=CVE-2024-50602
A crash can be triggered in the XML_ResumeParser function due to XML_StopParser's ability to stop or suspend an unstarted parser, which can lead to a denial of service. • https://github.com/libexpat/libexpat/pull/915 https://access.redhat.com/security/cve/CVE-2024-50602 https://bugzilla.redhat.com/show_bug.cgi?id=2321987 • CWE-754: Improper Check for Unusual or Exceptional Conditions •