CVE-2024-25590 – Crafted responses can lead to a denial of service due to cache inefficiencies in the Recursor
https://notcve.org/view.php?id=CVE-2024-25590
03 Oct 2024 — Repeatedly processing and caching results for these sets can lead to a denial of service. • https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-04.html • CWE-20: Improper Input Validation •
CVE-2024-47554 – Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader
https://notcve.org/view.php?id=CVE-2024-47554
03 Oct 2024 — Excessive CPU resource consumption can lead to a denial of service when an untrusted input is processed. • https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1 • CWE-400: Uncontrolled Resource Consumption •
CVE-2024-47136
https://notcve.org/view.php?id=CVE-2024-47136
03 Oct 2024 — Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files. • https://jvn.jp/en/vu/JVNVU92808077 • CWE-125: Out-of-bounds Read •
CVE-2024-47135
https://notcve.org/view.php?id=CVE-2024-47135
03 Oct 2024 — Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files. • https://jvn.jp/en/vu/JVNVU92808077 • CWE-121: Stack-based Buffer Overflow •
CVE-2024-47134
https://notcve.org/view.php?id=CVE-2024-47134
03 Oct 2024 — Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files. • https://jvn.jp/en/vu/JVNVU92808077 • CWE-787: Out-of-bounds Write •
CVE-2024-45871
https://notcve.org/view.php?id=CVE-2024-45871
03 Oct 2024 — Bandisoft BandiView 7.05 has Incorrect Access Control via sub_0x232bd8, resulting in denial of service (DoS). • https://github.com/Jaecho6053/BandiView_PoC • CWE-20: Improper Input Validation •
CVE-2024-41595
https://notcve.org/view.php?id=CVE-2024-41595
03 Oct 2024 — DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a denial of service via .cgi pages because of missing bounds checks on read and write operations. • https://www.forescout.com/resources/draybreak-draytek-research • CWE-125: Out-of-bounds Read • CWE-787: Out-of-bounds Write •
CVE-2024-20509 – Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Session Takeover and Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-20509
02 Oct 2024 — A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service (DoS) condition for individual users of the AnyConnect VPN service on an affected device. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-by-QWUkqV7X • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2024-20513 – Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Targeted Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-20513
02 Oct 2024 — A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected device. ... An authenticated attacker could exploit this vulnerability by connecting to the AnyConnect VPN service of an affected device to retrieve a valid session handler and, based on that handler, predict further vali... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVE-2024-20502 – Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-20502
02 Oct 2024 — A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2 • CWE-400: Uncontrolled Resource Consumption •