CVE-2024-8175 – CODESYS: web server vulnerable to DoS
https://notcve.org/view.php?id=CVE-2024-8175
An unauthenticated remote attacker can cause the CODESYS web server to access invalid memory, which results in a DoS. • https://cert.vde.com/en/advisories/VDE-2024-057 https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=18604&token=d5e1e2820ee63077b875b3bb41014b1f102e88a3&download= • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2024-46488
https://notcve.org/view.php?id=CVE-2024-46488
This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. • https://github.com/VulnSphere/LLMVulnSphere/blob/main/VectorDB/sqlite-vec/OOBR_2.md • CWE-122: Heap-based Buffer Overflow •
CVE-2024-46461
https://notcve.org/view.php?id=CVE-2024-46461
VLC media player 3.0.20 and earlier is vulnerable to denial of service through an integer overflow which could be triggered with a maliciously crafted MMS stream (heap-based overflow). If successful, a malicious third party could trigger either a crash of VLC or arbitrary code execution with the target user's privileges. • https://www.videolan.org/security/sb-vlc3021.html • CWE-122: Heap-based Buffer Overflow •
CVE-2024-46935
https://notcve.org/view.php?id=CVE-2024-46935
Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service (DoS). Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser. • https://docs.rocket.chat/docs/rocketchat-security-fixes-updates-and-advisories https://github.com/RocketChat/Rocket.Chat/pull/33227 •
CVE-2024-46544 – Apache Tomcat Connectors: mod_jk: local users can view and modify configuration
https://notcve.org/view.php?id=CVE-2024-46544
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49. ... An Incorrect Default Permissions vulnerability was found in Apache Tomcat Connectors that allows local users to view and modify shared memory containing mod_jk configuration, which may lead to information disclosure and denial of service. • https://lists.apache.org/thread/q1gp7cc38hs1r8gj8gfnopwznd5fpr4d https://access.redhat.com/security/cve/CVE-2024-46544 https://bugzilla.redhat.com/show_bug.cgi?id=2314194 • CWE-276: Incorrect Default Permissions •