CVSS: 5.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-42934 – openipmi: missing check on the authorization type on incoming LAN messages in IPMI simulator
https://notcve.org/view.php?id=CVE-2024-42934
OpenIPMI before 2.0.36 has an out-of-bounds array access (for authentication type) in the ipmi_sim simulator, resulting in denial of service or (with very low probability) authentication bypass or code execution. ... Due to a missing check in the authorization type on incoming LAN messages, an attacker may be able to trigger a denial of service. • https://bugzilla.redhat.com/show_bug.cgi?id=2308375 https://sourceforge.net/p/openipmi/code/ci/4c129d0540f3578ecc078d8612bbf84b6cd24c87 https://sourceforge.net/p/openipmi/code/ci/b52e8e2538b2b48ef6b63bff12b5cc9e2d52eff1 https://access.redhat.com/security/cve/CVE-2024-42934 • CWE-862: Missing Authorization •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-32608
https://notcve.org/view.php?id=CVE-2024-32608
HDF5 library through 1.14.3 has memory corruption in H5A__close resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. • https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4 •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-46292
https://notcve.org/view.php?id=CVE-2024-46292
A buffer overflow in modsecurity v3.0.12 allows attackers to cause a Denial of Service (DoS) via a crafted input inserted into the name parameter. • https://github.com/owasp-modsecurity/ModSecurity/blob/v3/master/README.md https://github.com/yoloflz101/yoloflz/blob/main/README.md https://modsecurity.org/20241011/about-cve-2024-46292-2024-october • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-46304
https://notcve.org/view.php?id=CVE-2024-46304
A NULL pointer dereference in libcoap v4.3.5-rc2 and below allows a remote attacker to cause a denial of service via the coap_handle_request_put_block function in src/coap_block.c. • https://github.com/obgm/libcoap/issues/1509 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2023-45872
https://notcve.org/view.php?id=CVE-2023-45872
When a QML image refers to an image whose content is not known yet, there is an assumption that it is an SVG document, leading to a denial of service (application crash) if it is not actually an SVG document. • https://bugzilla.redhat.com/show_bug.cgi?id=2246067 https://qt.io •