CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47609 – Remotely exploitable DoS in Tonic `<=v0.12.2`
https://notcve.org/view.php?id=CVE-2024-47609
When using tonic::transport::Server there is a remote DoS attack that can cause the server to exit cleanly on accepting a TCP/TLS stream. • https://github.com/hyperium/tonic/commit/a4472a86f3290e60c7c01348b7e6a8164d6e7e48 https://github.com/hyperium/tonic/issues/1897 https://github.com/hyperium/tonic/security/advisories/GHSA-4jwc-w2hc-78qv • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 3.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-9399 – firefox: thunderbird: Specially crafted WebTransport requests could lead to denial of service
https://notcve.org/view.php?id=CVE-2024-9399
A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. ... The Mozilla Foundation's Security Advisory: A website configured to initiate a specially crafted WebTransport session could crash the Firefox process, leading to a denial of service condition. • https://bugzilla.mozilla.org/show_bug.cgi?id=1907726 https://www.mozilla.org/security/advisories/mfsa2024-46 https://www.mozilla.org/security/advisories/mfsa2024-47 https://www.mozilla.org/security/advisories/mfsa2024-49 https://www.mozilla.org/security/advisories/mfsa2024-50 https://access.redhat.com/security/cve/CVE-2024-9399 https://bugzilla.redhat.com/show_bug.cgi?id=2315945 • CWE-404: Improper Resource Shutdown or Release CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 4.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-0116
https://notcve.org/view.php?id=CVE-2024-0116
NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read issue by releasing a shared memory region while it is in use. A successful exploit of this vulnerability may lead to denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5565 • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8454 – PLANET Technology switch devices - Swctrl service DoS attack
https://notcve.org/view.php?id=CVE-2024-8454
The swctrl service is used to detect and remotely manage PLANET Technology devices. Certain switch models have a Denial-of-Service vulnerability in the swctrl service, allowing unauthenticated remote attackers to send crafted packets that can crash the service. • https://www.twcert.org.tw/tw/cp-132-8057-1b3fa-1.html https://www.twcert.org.tw/en/cp-139-8058-cc391-2.html • CWE-400: Uncontrolled Resource Consumption CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-8451 – PLANET Technology switch devices - SSH server DoS attack
https://notcve.org/view.php?id=CVE-2024-8451
Certain switch models from PLANET Technology have an SSH service that improperly handles insufficiently authenticated connection requests, allowing unauthorized remote attackers to exploit this weakness to occupy connection slots and prevent legitimate users from accessing the SSH service. • https://www.twcert.org.tw/en/cp-139-8052-ac0ea-2.html https://www.twcert.org.tw/tw/cp-132-8051-5048e-1.html • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-400: Uncontrolled Resource Consumption •