CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31007
https://notcve.org/view.php?id=CVE-2024-31007
21 Oct 2024 — Buffer Overflow vulnerability in IrfanView 32bit v.4.66 allows a local attacker to cause a denial of service via a crafted file. • https://github.com/kirito999/IrfanViewBug • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21536 – http-proxy-middleware: Denial of Service
https://notcve.org/view.php?id=CVE-2024-21536
19 Oct 2024 — Versions of the package http-proxy-middleware before 2.0.7, from 3.0.0 and before 3.0.3 are vulnerable to Denial of Service (DoS) due to an UnhandledPromiseRejection error thrown by micromatch. ... Affected versions of this package are vulnerable to denial of service (DoS) due to an UnhandledPromiseRejection error thrown by micromatch. • https://gist.github.com/mhassan1/28be67266d82a53708ed59ce5dc3c94a • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-7316 – Denial of Service (DoS) Vulnerability in Mitsubishi Electric CNC Series
https://notcve.org/view.php?id=CVE-2024-7316
17 Oct 2024 — Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition on the product by sending specially crafted packets to TCP port 683, causing an emergency stop. • https://jvn.jp/vu/JVNVU92054409/index.html • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 8.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-48924 – MessagePack allows untrusted data to lead to DoS attack due to hash collisions and stack overflow
https://notcve.org/view.php?id=CVE-2024-48924
17 Oct 2024 — ### Impact When this library is used to deserialize messagepack data from an untrusted source, there is a risk of a denial of service attack by an attacker that sends data contrived to produce hash collisions, leading to large CPU consumption disproportionate to the size of the data being deserialized. ... • https://github.com/MessagePack-CSharp/MessagePack-CSharp/commit/8e599af0798b45008f8b293a7f233e4878f11ed5 • CWE-328: Use of Weak Hash •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47459 – Substance3D - Sampler | NULL Pointer Dereference (CWE-476)
https://notcve.org/view.php?id=CVE-2024-47459
17 Oct 2024 — Substance3D - Sampler versions 4.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. An attacker could exploit this vulnerability to crash the application, resulting in a DoS. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/substance3d-sampler/apsb24-65.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-6729 – Nokia SR OS: File Access Security Vulnerability
https://notcve.org/view.php?id=CVE-2023-6729
17 Oct 2024 — This type of attack can lead to a compromise or denial of service of the router after the system is rebooted. • https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-6729 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3187
https://notcve.org/view.php?id=CVE-2024-3187
17 Oct 2024 — This may lead to memory corruption, potentially causing a Denial of Service (DoS) or, in rare cases, code execution, though the latter is highly context-dependent. Este problema se debe a dos vulnerabilidades CWE-416 de Use After Free (UAF) y una vulnerabilidad CWE-415 de doble liberación en las versiones de Goahead anteriores a la 6.0.0. ... Esto puede provocar una corrupción de la memoria, lo que puede provocar una denegación de servicio (D... • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-3187 • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3186
https://notcve.org/view.php?id=CVE-2024-3186
17 Oct 2024 — This vulnerability allows a remote attacker with the privileges to modify JavaScript template (JST) files to trigger a crash and cause a Denial of Service (DoS) by providing malicious templates. ... Esta vulnerabilidad permite que un atacante remoto con privilegios para modificar archivos de plantilla de JavaScript (JST) provoque un bloqueo y provoque una denegación de servicio (DoS) al proporcionar plantillas maliciosas. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-3186 • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3184
https://notcve.org/view.php?id=CVE-2024-3184
17 Oct 2024 — Without a memory notifier for allocation failures, remote attackers can exploit these vulnerabilities by sending malicious requests, leading to a crash and Denial of Service (DoS). ... Sin un notificador de memoria para errores de asignación, los atacantes remotos pueden explotar estas vulnerabilidades enviando solicitudes maliciosas, lo que provoca un bloqueo y una denegación de servicio (DoS). • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-3184 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9631
https://notcve.org/view.php?id=CVE-2024-9631
17 Oct 2024 — A remote attacker can perform a denial of service (DoS) attack. •