CVE-2024-21195
https://notcve.org/view.php?id=CVE-2024-21195
15 Oct 2024 — Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle BI Publisher accessible data as well as unauthorized update, insert or delete access to some of Oracle BI Publisher accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle BI Publisher. • https://www.oracle.com/security-alerts/cpuoct2024.html •
CVE-2024-21194
https://notcve.org/view.php?id=CVE-2024-21194
15 Oct 2024 — Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. • https://www.oracle.com/security-alerts/cpuoct2024.html •
CVE-2024-21193
https://notcve.org/view.php?id=CVE-2024-21193
15 Oct 2024 — Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. • https://www.oracle.com/security-alerts/cpuoct2024.html •
CVE-2024-47874 – Starlette Denial of service (DoS) via multipart/form-data
https://notcve.org/view.php?id=CVE-2024-47874
15 Oct 2024 — Uploading multiple such requests in parallel may be enough to render a service practically unusable, even if reasonable request size limits are enforced by a reverse proxy in front of Starlette. This Denial of service (DoS) vulnerability affects all applications built with Starlette (or FastAPI) accepting form requests. • https://github.com/encode/starlette/security/advisories/GHSA-f96h-pmfr-66vw • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2024-9506 – Regular Expression Denial of Service (ReDoS)
https://notcve.org/view.php?id=CVE-2024-9506
15 Oct 2024 — Improper regular expression in Vue's parseHTML function leads to a potential regular expression denial of service vulnerability. • https://www.herodevs.com/vulnerability-directory/cve-2024-9506 • CWE-1333: Inefficient Regular Expression Complexity •
CVE-2024-9676 – Podman: buildah: cri-o: symlink traversal vulnerability in the containers/storage library can cause denial of service (dos)
https://notcve.org/view.php?id=CVE-2024-9676
15 Oct 2024 — A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). • https://access.redhat.com/errata/RHSA-2024:10289 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2024-47674 – mm: avoid leaving partial pfn mappings around in error case
https://notcve.org/view.php?id=CVE-2024-47674
15 Oct 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/3213fdcab961026203dd587a4533600c70b3336b •
CVE-2024-45275 – MB connect line/Helmholz: Hardcoded user accounts with hard-coded passwords
https://notcve.org/view.php?id=CVE-2024-45275
15 Oct 2024 — Los dispositivos contienen dos cuentas de usuario codificadas con contraseñas codificadas que permiten a un atacante remoto no autenticado tener control total de los dispositivos afectados. • https://cert.vde.com/en/advisories/VDE-2024-056 • CWE-798: Use of Hard-coded Credentials •
CVE-2024-44775
https://notcve.org/view.php?id=CVE-2024-44775
15 Oct 2024 — An issue in kmqtt v0.2.7 allows attackers to cause a Denial of Service(DoS) via a crafted request. • https://gist.github.com/pengwGit/26fd8630392af5d8829c2e220091ac4f • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVE-2024-44337
https://notcve.org/view.php?id=CVE-2024-44337
15 Oct 2024 — Prior to pseudoversion `v0.0.0-20240729232818-a2a9c4f`, which corresponds with commit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252`, there was a logical problem in the paragraph function of the parser/block.go file, which allowed a remote attacker to cause a denial of service (DoS) condition by providing a tailor-made input that caused an infinite loop, causing the program to hang and consume resources indefinitely. • https://github.com/Brinmon/CVE-2024-44337 •