CVE-2024-46544 – Apache Tomcat Connectors: mod_jk: local users can view and modify configuration
https://notcve.org/view.php?id=CVE-2024-46544
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49. ... An Incorrect Default Permissions vulnerability was found in Apache Tomcat Connectors that allows local users to view and modify shared memory containing mod_jk configuration, which may lead to information disclosure and denial of service. • https://lists.apache.org/thread/q1gp7cc38hs1r8gj8gfnopwznd5fpr4d https://access.redhat.com/security/cve/CVE-2024-46544 https://bugzilla.redhat.com/show_bug.cgi?id=2314194 • CWE-276: Incorrect Default Permissions •
CVE-2024-42861
https://notcve.org/view.php?id=CVE-2024-42861
An issue in IEEE 802.1AS linuxptp v.4.2 and before allowing a remote attacker to cause a denial of service via a crafted Pdelay_Req message to the time synchronization function • https://github.com/qiupy123/CVE-2024-42861 •
CVE-2024-8354 – Qemu-kvm: usb: assertion failure in usb_ep_get()
https://notcve.org/view.php?id=CVE-2024-8354
This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition. • https://access.redhat.com/security/cve/CVE-2024-8354 https://bugzilla.redhat.com/show_bug.cgi?id=2313497 • CWE-617: Reachable Assertion •
CVE-2024-45813 – ReDoS vulnerability in multiparametric routes in find-my-way
https://notcve.org/view.php?id=CVE-2024-45813
This may cause a denial of service in some instances. • https://blakeembrey.com/posts/2024-09-web-redos https://github.com/delvedor/find-my-way/commit/5e9e0eb5d8d438e06a185d5e536a896572dd0440 https://github.com/delvedor/find-my-way/security/advisories/GHSA-rrr8-f88r-h8q6 • CWE-1333: Inefficient Regular Expression Complexity •
CVE-2024-36981
https://notcve.org/view.php?id=CVE-2024-36981
An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLC_v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.This is the final instance of the incorrect comparison. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-2004 • CWE-125: Out-of-bounds Read •