CVSS: 3.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-9399 – firefox: thunderbird: Specially crafted WebTransport requests could lead to denial of service
https://notcve.org/view.php?id=CVE-2024-9399
A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. ... The Mozilla Foundation's Security Advisory: A website configured to initiate a specially crafted WebTransport session could crash the Firefox process, leading to a denial of service condition. • https://bugzilla.mozilla.org/show_bug.cgi?id=1907726 https://www.mozilla.org/security/advisories/mfsa2024-46 https://www.mozilla.org/security/advisories/mfsa2024-47 https://www.mozilla.org/security/advisories/mfsa2024-49 https://www.mozilla.org/security/advisories/mfsa2024-50 https://access.redhat.com/security/cve/CVE-2024-9399 https://bugzilla.redhat.com/show_bug.cgi?id=2315945 • CWE-404: Improper Resource Shutdown or Release CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 4.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-0116
https://notcve.org/view.php?id=CVE-2024-0116
A successful exploit of this vulnerability may lead to denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5565 • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8454 – PLANET Technology switch devices - Swctrl service DoS attack
https://notcve.org/view.php?id=CVE-2024-8454
Certain switch models have a Denial-of-Service vulnerability in the swctrl service, allowing unauthenticated remote attackers to send crafted packets that can crash the service. • https://www.twcert.org.tw/tw/cp-132-8057-1b3fa-1.html https://www.twcert.org.tw/en/cp-139-8058-cc391-2.html • CWE-400: Uncontrolled Resource Consumption CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-8451 – PLANET Technology switch devices - SSH server DoS attack
https://notcve.org/view.php?id=CVE-2024-8451
Certain switch models from PLANET Technology have an SSH service that improperly handles insufficiently authenticated connection requests, allowing unauthorized remote attackers to exploit this weakness to occupy connection slots and prevent legitimate users from accessing the SSH service. • https://www.twcert.org.tw/en/cp-139-8052-ac0ea-2.html https://www.twcert.org.tw/tw/cp-132-8051-5048e-1.html • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-45200
https://notcve.org/view.php?id=CVE-2024-45200
This enables a remote attacker to obtain complete denial-of-service on the game's process, or potentially, remote code execution on the victim's console. • https://github.com/latte-soft/kartlanpwn https://hackerone.com/reports/2611669 • CWE-94: Improper Control of Generation of Code ('Code Injection') •