CVE-2024-50311 – Graphql: denial of service (dos) vulnerability via graphql batching
https://notcve.org/view.php?id=CVE-2024-50311
A denial of service (DoS) vulnerability was found in OpenShift. ... The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to submit a request containing thousands of aliases in one query. • https://access.redhat.com/security/cve/CVE-2024-50311 https://bugzilla.redhat.com/show_bug.cgi?id=2319379 • CWE-400: Uncontrolled Resource Consumption •
CVE-2024-40493
https://notcve.org/view.php?id=CVE-2024-40493
Null Pointer Dereference in `coap_client_exchange_blockwise2` function in Keith Cullen FreeCoAP 1.0 allows remote attackers to cause a denial of service and potentially execute arbitrary code via a specially crafted CoAP packet that causes `coap_msg_get_payload(resp)` to return a null pointer, which is then dereferenced in a call to `memcpy`. • https://gist.github.com/dqp10515/fe80005e2fb58ed8ada178ac017e4ad4 https://github.com/keith-cullen/FreeCoAP/issues/37 • CWE-476: NULL Pointer Dereference •
CVE-2024-31029
https://notcve.org/view.php?id=CVE-2024-31029
An issue in the server_handle_regular function of the test_coap_server.c file within the FreeCoAP project allows remote attackers to cause a Denial of Service through specially crafted packets. • https://gist.github.com/dqp10515/41ec400b7eecfcae7578d505598ab85f https://github.com/keith-cullen/FreeCoAP/issues/36 • CWE-125: Out-of-bounds Read •
CVE-2024-40494
https://notcve.org/view.php?id=CVE-2024-40494
Buffer Overflow in coap_msg.c in FreeCoAP allows remote attackers to execute arbitrary code or cause a denial of service (stack buffer overflow) via a crafted packet. • https://gist.github.com/dqp10515/e9d7d663cb89187bfe7b39bb3aeb0113 https://github.com/dqp10515/security/tree/main/FreeCoAP_bug • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-42643
https://notcve.org/view.php?id=CVE-2024-42643
Integer Overflow in fast_ping.c in SmartDNS Release46 allows remote attackers to cause a Denial of Service via misaligned memory access. • https://github.com/pymumu/smartdns/issues/1779 • CWE-190: Integer Overflow or Wraparound •