CVE-2023-49202
https://notcve.org/view.php?id=CVE-2023-49202
25 Oct 2024 — This CVE in CoreDNS is associated with DNSBomb, a type of pulsing denial-of-service (DoS) attack. DNSBomb exploits multiple widely-implemented DNS mechanisms to accumulate DNS queries that are sent at a low rate, amplify queries into large-sized responses, and concentrate all DNS responses into a short, high-volume periodic pulsing burst to simultaneously overwhelm target systems. •
CVE-2023-49201
https://notcve.org/view.php?id=CVE-2023-49201
25 Oct 2024 — This CVE in SDNS is associated with DNSBomb, a type of pulsing denial-of-service (DoS) attack. DNSBomb exploits multiple widely-implemented DNS mechanisms to accumulate DNS queries that are sent at a low rate, amplify queries into large-sized responses, and concentrate all DNS responses into a short, high-volume periodic pulsing burst to simultaneously overwhelm target systems. •
CVE-2022-30268
https://notcve.org/view.php?id=CVE-2022-30268
25 Oct 2024 — This could allow an attacker to push malicious firmware images to the controller and cause a denial-of-service condition or allow remote code execution. •
CVE-2024-48227
https://notcve.org/view.php?id=CVE-2024-48227
25 Oct 2024 — Funadmin 5.0.2 has a logical flaw in the Curd one click command deletion function, which can result in a Denial of Service (DoS). • https://github.com/funadmin/funadmin/issues/27 •
CVE-2024-47173 – Aimeos GraphQL API admin interface denial of service vulnerability in SaaS and marketplace setups
https://notcve.org/view.php?id=CVE-2024-47173
24 Oct 2024 — All SaaS and marketplace setups using the Aimeos GraphQL API admin interface version from 2024.04 up to 2024.07.1 are affected by a potential denial of service attack. • https://github.com/aimeos/ai-admin-graphql/security/advisories/GHSA-qxgx-hvg3-v92w • CWE-270: Privilege Context Switching Error •
CVE-2024-9692 – Improper Access Control in Input in VIMESA VHF/FM Transmitter Blue Plus
https://notcve.org/view.php?id=CVE-2024-9692
24 Oct 2024 — VIMESA VHF/FM Transmitter Blue Plus is suffering from a Denial-of-Service (DoS) vulnerability. An unauthenticated attacker can issue an unauthorized HTTP GET request to the unprotected endpoint 'doreboot' and restart the transmitter operations. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-298-01 • CWE-284: Improper Access Control •
CVE-2024-6826 – Allocation of Resources Without Limits or Throttling in GitLab
https://notcve.org/view.php?id=CVE-2024-6826
24 Oct 2024 — A denial of service could occur via importing a maliciously crafted XML manifest file. • https://gitlab.com/gitlab-org/gitlab/-/issues/472928 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2024-20526
https://notcve.org/view.php?id=CVE-2024-20526
23 Oct 2024 — A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for the SSH server of an affected device. ... A successful exploit could allow the attacker to exhaust available SSH resources on the affected device so that new SSH connections to the device are denied, resulting in a DoS condition. Existing SSH connections to the devi... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-dos-eEDWu5RM • CWE-400: Uncontrolled Resource Consumption •
CVE-2024-20495
https://notcve.org/view.php?id=CVE-2024-20495
23 Oct 2024 — A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition on an affected device. ... A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-cZf8gT • CWE-20: Improper Input Validation •
CVE-2024-20494
https://notcve.org/view.php?id=CVE-2024-20494
23 Oct 2024 — A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper data validation during the TLS 1.3 handshake. ... A successful exploit could allow the attacker to cause the device to reload, resulti... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-tls-CWY6zXB • CWE-1287: Improper Validation of Specified Type of Input •