CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45802 – Squid Denial of Service
https://notcve.org/view.php?id=CVE-2024-45802
Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This bug is fixed in the default build configuration of Squid version 6.10. ... Due to input validation and resource management issues, a denial of service may be triggered during the processing of certain Edge Side Includes (ESI) response content. • https://github.com/squid-cache/squid/security/advisories/GHSA-f975-v7qw-q7hj https://access.redhat.com/security/cve/CVE-2024-45802 https://bugzilla.redhat.com/show_bug.cgi?id=2322154 • CWE-20: Improper Input Validation •
CVSS: 4.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-34537
https://notcve.org/view.php?id=CVE-2024-34537
TYPO3 before 13.3.1 allows denial of service (interface error) in the Bookmark Toolbar (ext:backend), exploitable by an administrator-level backend user account via manipulated data saved in the bookmark toolbar of the backend user interface. • https://github.com/TYPO3/typo3/security/advisories/GHSA-ffcv-v6pw-qhrp https://typo3.org/security/advisory/typo3-core-sa-2024-011 https://www.mgm-sp.com/cve/denial-of-service-in-typo3-bookmark-toolbar •
CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-50602 – libexpat: expat: DoS via XML_ResumeParser
https://notcve.org/view.php?id=CVE-2024-50602
A crash can be triggered in the XML_ResumeParser function due to XML_StopParser's ability to stop or suspend an unstarted parser, which can lead to a denial of service. • https://github.com/libexpat/libexpat/pull/915 https://access.redhat.com/security/cve/CVE-2024-50602 https://bugzilla.redhat.com/show_bug.cgi?id=2321987 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 8.7EPSS: 0%CPEs: -EXPL: 0CVE-2020-26311 – GHSL-2020-312: Regular Expression Denial of Service (ReDoS) in useragent
https://notcve.org/view.php?id=CVE-2020-26311
All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no patches are available. • https://github.com/3rd-Eden/useragent/issues/167 https://securitylab.github.com/advisories/GHSL-2020-312-redos-useragent • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 8.7EPSS: 0%CPEs: -EXPL: 0CVE-2020-26310 – GHSL-2020-305: Regular Expression Denial of Service (ReDoS) in Pure JavaScript HTML5 Parser
https://notcve.org/view.php?id=CVE-2020-26310
Validate.js provides a declarative way of validating javascript objects. All versions as of 30 November 2020 contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, it is unknown if any patches are available. • https://github.com/blowsie/Pure-JavaScript-HTML5-Parser/issues/14 https://securitylab.github.com/advisories/GHSL-2020-305-redos-Pure-JavaScript-HTML5-Parser • CWE-1333: Inefficient Regular Expression Complexity •