CVE-2024-7587 – Information Disclosure, Information Tampering and Denial of Service (DoS) Vulnerability in GENESIS64 and MC Works64
https://notcve.org/view.php?id=CVE-2024-7587
22 Oct 2024 — Incorrect Default Permissions vulnerability in GenBroker32, which is included in the installers for ICONICS GENESIS64 version 10.97.3 and prior, Mitsubishi Electric GENESIS64 version 10.97.3 and prior and Mitsubishi Electric MC Works64 all versions allows a local authenticated attacker to disclose or tamper with confidential information and data contained in the products, or cause a denial of service (DoS) condition on the products, by accessing a folder with incorr... • https://jvn.jp/vu/JVNVU95548104 • CWE-276: Incorrect Default Permissions •
CVE-2024-50311 – Graphql: denial of service (dos) vulnerability via graphql batching
https://notcve.org/view.php?id=CVE-2024-50311
22 Oct 2024 — A denial of service (DoS) vulnerability was found in OpenShift. • https://access.redhat.com/security/cve/CVE-2024-50311 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2023-52918 – media: pci: cx23885: check cx23885_vdev_init() return
https://notcve.org/view.php?id=CVE-2023-52918
22 Oct 2024 — An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/8e31b096e2e1949bc8f0be019c9ae70d414404c6 •
CVE-2024-31029
https://notcve.org/view.php?id=CVE-2024-31029
22 Oct 2024 — An issue in the server_handle_regular function of the test_coap_server.c file within the FreeCoAP project allows remote attackers to cause a Denial of Service through specially crafted packets. • https://gist.github.com/dqp10515/41ec400b7eecfcae7578d505598ab85f • CWE-125: Out-of-bounds Read •
CVE-2024-44331
https://notcve.org/view.php?id=CVE-2024-44331
22 Oct 2024 — Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c allows remote attackers to cause a denial of service via a series of specially crafted hexstream requests. • https://gist.github.com/dqp10515/c6a8879bebe92d8c74f7c52667fd3400 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-40493
https://notcve.org/view.php?id=CVE-2024-40493
22 Oct 2024 — Null Pointer Dereference in `coap_client_exchange_blockwise2` function in Keith Cullen FreeCoAP 1.0 allows remote attackers to cause a denial of service and potentially execute arbitrary code via a specially crafted CoAP packet that causes `coap_msg_get_payload(resp)` to return a null pointer, which is then dereferenced in a call to `memcpy`. • https://gist.github.com/dqp10515/fe80005e2fb58ed8ada178ac017e4ad4 • CWE-476: NULL Pointer Dereference •
CVE-2024-40494
https://notcve.org/view.php?id=CVE-2024-40494
22 Oct 2024 — Buffer Overflow in coap_msg.c in FreeCoAP allows remote attackers to execute arbitrary code or cause a denial of service (stack buffer overflow) via a crafted packet. • https://gist.github.com/dqp10515/e9d7d663cb89187bfe7b39bb3aeb0113 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-42643
https://notcve.org/view.php?id=CVE-2024-42643
22 Oct 2024 — Integer Overflow in fast_ping.c in SmartDNS Release46 allows remote attackers to cause a Denial of Service via misaligned memory access. • https://github.com/pymumu/smartdns/issues/1779 • CWE-190: Integer Overflow or Wraparound •
CVE-2024-50062 – RDMA/rtrs-srv: Avoid null pointer deref during path establishment
https://notcve.org/view.php?id=CVE-2024-50062
21 Oct 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/394b2f4d5e014820455af3eb5859eb328eaafcfd •
CVE-2024-50046 – NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()
https://notcve.org/view.php?id=CVE-2024-50046
21 Oct 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/0e65a32c8a569db363048e17a708b1a0913adbef •