CVE-2024-8451 – PLANET Technology switch devices - SSH server DoS attack
https://notcve.org/view.php?id=CVE-2024-8451
Certain switch models from PLANET Technology have an SSH service that improperly handles insufficiently authenticated connection requests, allowing unauthorized remote attackers to exploit this weakness to occupy connection slots and prevent legitimate users from accessing the SSH service. • https://www.twcert.org.tw/en/cp-139-8052-ac0ea-2.html https://www.twcert.org.tw/tw/cp-132-8051-5048e-1.html • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-400: Uncontrolled Resource Consumption •
CVE-2024-45200
https://notcve.org/view.php?id=CVE-2024-45200
This enables a remote attacker to obtain complete denial-of-service on the game's process, or potentially, remote code execution on the victim's console. • https://github.com/latte-soft/kartlanpwn https://hackerone.com/reports/2611669 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-6436 – Rockwell Automation Input Validation Vulnerability exists in the SequenceManager™ Server
https://notcve.org/view.php?id=CVE-2024-6436
An input validation vulnerability exists in the Rockwell Automation Sequence Manager™ which could allow a malicious user to send malformed packets to the server and cause a denial-of-service condition. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1679.html • CWE-20: Improper Input Validation •
CVE-2024-38809 – org.springframework:spring-web: Spring Framework DoS via conditional HTTP request
https://notcve.org/view.php?id=CVE-2024-38809
Applications that parse ETags from "If-Match" or "If-None-Match" request headers are vulnerable to a DoS attack. Users of affected versions should upgrade to the corresponding fixed version. Users of older, unsupported versions could enforce a size limit on "If-Match" and "If-None-Match" headers, e.g. through a Filter. ... Due to improper ETag prefix validation when the application parses ETags from the `If-Match` or `If-None-Match` request headers, an attacker can trigger a denial of service by sending a maliciously crafted conditional HTTP request. • https://spring.io/security/cve-2024-38809 https://access.redhat.com/security/cve/CVE-2024-38809 https://bugzilla.redhat.com/show_bug.cgi?id=2314495 • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •
CVE-2024-6654 – Denial of Service vulnerability in ESET products for macOS
https://notcve.org/view.php?id=CVE-2024-6654
Products for macOS enables a user logged on to the system to perform a denial-of-service attack, which could be misused to disable the protection of the ESET security product and cause general system slow-down. • https://support.eset.com/en/ca8725-local-privilege-escalation-vulnerability-in-eset-products-for-macos-fixed https://support.eset.com/en/ca8725-denial-of-service-vulnerability-in-eset-products-for-macos-fixed • CWE-377: Insecure Temporary File •