CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42358 – Loop with Unreachable Exit Condition ('Infinite Loop') in pdfio
https://notcve.org/view.php?id=CVE-2024-42358
There is a denial of service (DOS) vulnerability in the TTF parser. ... This library, whether used as a standalone binary or as part of another application, is vulnerable to DOS attacks when parsing certain types of files. • https://github.com/michaelrsweet/pdfio/commit/e4e1c39578279386b0ab9f9ac14b20a8bad4f935 https://github.com/michaelrsweet/pdfio/security/advisories/GHSA-4hh9-j68x-8353 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-7246 – HPACK table poisoning in gRPC C++, Python & Ruby
https://notcve.org/view.php?id=CVE-2024-7246
A flaw was found in Google gRPC due to HPACK table poisoning between the proxy and backend so that other clients see failed requests, resulting in a denial of service. • https://github.com/grpc/grpc/issues/36245 https://access.redhat.com/security/cve/CVE-2024-7246 https://bugzilla.redhat.com/show_bug.cgi?id=2303104 • CWE-440: Expected Behavior Violation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28962
https://notcve.org/view.php?id=CVE-2024-28962
An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service. • https://www.dell.com/support/kbdoc/en-us/000227236/dsa-2024-169 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: -EPSS: 0%CPEs: -EXPL: 1CVE-2024-36424 – K7 Ultimate Security NULL Pointer Dereference
https://notcve.org/view.php?id=CVE-2024-36424
K7RKScan.sys in K7 Ultimate Security before 17.0.2019 allows local users to cause a denial of service (BSOD) because of a NULL pointer dereference. In K7 Ultimate Security versions prior to 17.0.2019, the driver file (K7RKScan.sys - this version 15.1.0.7) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of a null pointer dereference from IOCtl 0x222010 and 0x222014. • https://github.com/secunnix/CVE-2024-36424 https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-5th-aug-2024-417 https://www.k7computing.com •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-30170
https://notcve.org/view.php?id=CVE-2024-30170
PrivX before 34.0 allows data exfiltration and denial of service via the REST API. • https://info.ssh.com/improper-input-validation-faq https://privx.docs.ssh.com/docs/security • CWE-400: Uncontrolled Resource Consumption •