CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0CVE-2024-0126 – Gentoo Linux Security Advisory 202412-20
https://notcve.org/view.php?id=CVE-2024-0126
26 Oct 2024 — A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5586 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49767 – Werkzeug possible resource exhaustion when parsing file data in forms
https://notcve.org/view.php?id=CVE-2024-49767
25 Oct 2024 — Applications using `werkzeug.formparser.MultiPartParser` corresponding to a version of Werkzeug prior to 3.0.6 to parse `multipart/form-data` requests (e.g. all flask applications) are vulnerable to a relatively simple but effective resource exhaustion (denial of service) attack. • https://github.com/pallets/quart/commit/5e78c4169b8eb66b91ead3e62d44721b9e1644ee • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10387 – Rockwell Automation FactoryTalk ThinManager Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-10387
25 Oct 2024 — CVE-2024-10387 IMPACT A Denial-of-Service vulnerability exists in the affected product. The vulnerability could allow a threat actor with network access to send crafted messages to the device, potentially resulting in Denial-of-Service. The vulnerability could allow a threat actor with network access to send crafted messages to the device, potentially resulting in Denial-of-Service. CVE-2024-10387 IMPACT A Denial-of-Service vulnerability ... • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1708.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-47481
https://notcve.org/view.php?id=CVE-2024-47481
25 Oct 2024 — An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Denial of service. • https://www.dell.com/support/kbdoc/en-us/000240535/dsa-2024-419-security-update-for-dell-data-lakehouse-system-software-for-multiple-third-party-component-vulnerabilities • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44101
https://notcve.org/view.php?id=CVE-2024-44101
25 Oct 2024 — This could lead to remote denial of service with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-10-01 • CWE-476: NULL Pointer Dereference •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2023-28454
https://notcve.org/view.php?id=CVE-2023-28454
25 Oct 2024 — This CVE in CoreDNS is associated with DNSBomb, a type of pulsing denial-of-service (DoS) attack. DNSBomb exploits multiple widely-implemented DNS mechanisms to accumulate DNS queries that are sent at a low rate, amplify queries into large-sized responses, and concentrate all DNS responses into a short, high-volume periodic pulsing burst to simultaneously overwhelm target systems. •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2023-49207
https://notcve.org/view.php?id=CVE-2023-49207
25 Oct 2024 — This CVE in Dnsmasq is associated with DNSBomb, a type of pulsing denial-of-service (DoS) attack. DNSBomb exploits multiple widely-implemented DNS mechanisms to accumulate DNS queries that are sent at a low rate, amplify queries into large-sized responses, and concentrate all DNS responses into a short, high-volume periodic pulsing burst to simultaneously overwhelm target systems. •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2023-49206
https://notcve.org/view.php?id=CVE-2023-49206
25 Oct 2024 — This CVE in Knot Resolver is associated with DNSBomb, a type of pulsing denial-of-service (DoS) attack. DNSBomb exploits multiple widely-implemented DNS mechanisms to accumulate DNS queries that are sent at a low rate, amplify queries into large-sized responses, and concentrate all DNS responses into a short, high-volume periodic pulsing burst to simultaneously overwhelm target systems. •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2023-49205
https://notcve.org/view.php?id=CVE-2023-49205
25 Oct 2024 — This CVE in Simple DNS Plus is associated with DNSBomb, a type of pulsing denial-of-service (DoS) attack. DNSBomb exploits multiple widely-implemented DNS mechanisms to accumulate DNS queries that are sent at a low rate, amplify queries into large-sized responses, and concentrate all DNS responses into a short, high-volume periodic pulsing burst to simultaneously overwhelm target systems. •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2023-49204
https://notcve.org/view.php?id=CVE-2023-49204
25 Oct 2024 — This CVE in MaraDNS is associated with DNSBomb, a type of pulsing denial-of-service (DoS) attack. DNSBomb exploits multiple widely-implemented DNS mechanisms to accumulate DNS queries that are sent at a low rate, amplify queries into large-sized responses, and concentrate all DNS responses into a short, high-volume periodic pulsing burst to simultaneously overwhelm target systems. •