CVE-2024-9953 – Potential DoS Vulnerability in CERT VINCE Software Before Version 3.0.8
https://notcve.org/view.php?id=CVE-2024-9953
14 Oct 2024 — A potential DoS vulnerability exists in CERT VINCE software prior to version 3.0.8. ... This can lead to a potential DoS on the server when the user's profile is accessed. ... A potential denial-of-service (DoS) vulnerability exists in CERT VINCE software versions prior to 3.0.8. An authenticated administrative user can inject an arbitrary pickle object into a user’s profile, which may lead to a DoS condition <... • https://github.com/CERTCC/VINCE/issues?q=label%3Asecurity • CWE-502: Deserialization of Untrusted Data •
CVE-2024-47831 – Next.js image optimization has Denial of Service condition
https://notcve.org/view.php?id=CVE-2024-47831
14 Oct 2024 — Versions on the 10.x, 11.x, 12.x, 13.x, and 14.x branches before version 14.2.7 contain a vulnerability in the image optimization feature that allows a potential Denial of Service (DoS) condition, which could lead to excessive CPU consumption. • https://github.com/vercel/next.js/commit/d11cbc9ff0b1aaefabcba9afe1e562e0b1fde65a • CWE-674: Uncontrolled Recursion •
CVE-2024-8184 – Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
https://notcve.org/view.php?id=CVE-2024-8184
14 Oct 2024 — There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause a remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutOfMemory errors and exhaust the server's memory. ... This flaw allows unauthorized users to cause remote den... • https://github.com/jetty/jetty.project/pull/11723 • CWE-400: Uncontrolled Resource Consumption •
CVE-2024-6762 – Jetty PushSessionCacheFilter can cause remote DoS attacks
https://notcve.org/view.php?id=CVE-2024-6762
14 Oct 2024 — Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory. • https://github.com/jetty/jetty.project/pull/10755 • CWE-400: Uncontrolled Resource Consumption •
CVE-2024-9823 – Jetty DOS vulnerability on DosFilter
https://notcve.org/view.php?id=CVE-2024-9823
14 Oct 2024 — There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause a remote denial-of-service (DoS) attack on the server using DosFilter. ... This issue may cause a crash, leading to a denial of service. • https://github.com/jetty/jetty.project/security/advisories/GHSA-7hcf-ppf8-5w5h • CWE-400: Uncontrolled Resource Consumption •
CVE-2024-6959 – Denial of Service (DOS) in multipart boundary while uploading file in parisneo/lollms-webui
https://notcve.org/view.php?id=CVE-2024-6959
13 Oct 2024 — A vulnerability in parisneo/lollms-webui version 9.8 allows for a Denial of Service (DOS) attack when uploading an audio file. ... The vulnerability leads to service disruption, resource exhaustion, and extended downtime. • https://huntr.com/bounties/6394d32e-f35c-418a-95b8-e7254ed0bc8e • CWE-352: Cross-Site Request Forgery (CSRF) • CWE-400: Uncontrolled Resource Consumption •
CVE-2024-38365 – btcd did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality
https://notcve.org/view.php?id=CVE-2024-38365
11 Oct 2024 — This consensus failure can be leveraged to cause a chain split (accepting an invalid Bitcoin block) or be exploited to DoS the btcd nodes (rejecting a valid Bitcoin block). • https://delvingbitcoin.org/t/cve-2024-38365-public-disclosure-btcd-findanddelete-bug/1184 • CWE-670: Always-Incorrect Control Flow Implementation •
CVE-2024-47506 – Junos OS: SRX Series: A large amount of traffic being processed by ATP Cloud can lead to a PFE crash
https://notcve.org/view.php?id=CVE-2024-47506
11 Oct 2024 — A Deadlock vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a large amount of traffic is processed by ATP Cloud inspection, a deadlock can occur which will result in a PFE crash and restart. • https://supportportal.juniper.net/JSA88137 • CWE-833: Deadlock •
CVE-2024-47509 – Junos OS Evolved: Specific low privileged CLI commands and SNMP GET requests can trigger a resource leak #3
https://notcve.org/view.php?id=CVE-2024-47509
11 Oct 2024 — An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS). When specific SNMP GET operations or specific low-privileged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and causing FPCs to hang. • https://supportportal.juniper.net • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2024-47508 – Junos OS Evolved: Specific low privileged CLI commands and SNMP GET requests can trigger a resource leak #2
https://notcve.org/view.php?id=CVE-2024-47508
11 Oct 2024 — An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS). When specific SNMP GET operations or specific low-privileged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and causing FPCs to hang. • https://supportportal.juniper.net • CWE-770: Allocation of Resources Without Limits or Throttling •