CVSS: 6.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-45200
https://notcve.org/view.php?id=CVE-2024-45200
In Nintendo Mario Kart 8 Deluxe before 3.0.3, the LAN/LDN local multiplayer implementation allows a remote attacker to exploit a stack-based buffer overflow upon deserialization of session information via a malformed browse-reply packet, aka KartLANPwn. ... This enables a remote attacker to obtain complete denial-of-service on the game's process, or potentially, remote code execution on the victim's console. The issue is caused by incorrect use of the Nintendo Pia library, • https://github.com/latte-soft/kartlanpwn https://hackerone.com/reports/2611669 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6436 – Rockwell Automation Input Validation Vulnerability exists in the SequenceManagerâ„¢ Server
https://notcve.org/view.php?id=CVE-2024-6436
An input validation vulnerability exists in the Rockwell Automation Sequence Managerâ„¢ which could allow a malicious user to send malformed packets to the server and cause a denial-of-service condition. ... Additionally, if exploited, there could be a loss of view for the downstream equipment sequences in the controller. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1679.html • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-38809 – org.springframework:spring-web: Spring Framework DoS via conditional HTTP request
https://notcve.org/view.php?id=CVE-2024-38809
Applications that parse ETags from "If-Match" or "If-None-Match" request headers are vulnerable to DoS attack. Users of affected versions should upgrade to the corresponding fixed version. Users of older, unsupported versions could enforce a size limit on "If-Match" and "If-None-Match" headers, e.g. through a Filter. ... Due to improper ETag prefix validation when the application parses ETags from the `If-Match` or `If-None-Match` request headers, an attacker can trigger a denial of service by sending a maliciously crafted conditional HTTP request. • https://spring.io/security/cve-2024-38809 https://access.redhat.com/security/cve/CVE-2024-38809 https://bugzilla.redhat.com/show_bug.cgi?id=2314495 • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-6654 – Denial of Service vulnerability in ESET products for macOS
https://notcve.org/view.php?id=CVE-2024-6654
Products for macOS enables a user logged on to the system to perform a denial-of-service attack, which could be misused to disable the protection of the ESET security product and cause general system slow-down. • https://support.eset.com/en/ca8725-local-privilege-escalation-vulnerability-in-eset-products-for-macos-fixed https://support.eset.com/en/ca8725-denial-of-service-vulnerability-in-eset-products-for-macos-fixed • CWE-377: Insecure Temporary File •
CVSS: 6.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-39434
https://notcve.org/view.php?id=CVE-2024-39434
In drm service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. • https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241 •