CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6594 – WatchGuard Firebox Single Sign-On Client Denial-of-Service
https://notcve.org/view.php?id=CVE-2024-6594
25 Sep 2024 — An attacker with network access to the client could create a denial of service condition for the Single Sign-On service by repeatedly issuing malformed commands. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00016 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.3EPSS: 0%CPEs: 15EXPL: 0CVE-2024-45817 – x86: Deadlock in vlapic_error()
https://notcve.org/view.php?id=CVE-2024-45817
25 Sep 2024 — Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation, denial of service or information leaks. • https://xenbits.xenproject.org/xsa/advisory-462.html • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2024-31146 – PCI device pass-through with shared resources
https://notcve.org/view.php?id=CVE-2024-31146
25 Sep 2024 — Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation, denial of service or information leaks. • https://xenbits.xenproject.org/xsa/advisory-461.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2024-31145 – error handling in x86 IOMMU identity mapping
https://notcve.org/view.php?id=CVE-2024-31145
25 Sep 2024 — Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation, denial of service or information leaks. • https://xenbits.xenproject.org/xsa/advisory-460.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2024-8175 – CODESYS: web server vulnerable to DoS
https://notcve.org/view.php?id=CVE-2024-8175
25 Sep 2024 — An unauthenticated remote attacker can causes the CODESYS web server to access invalid memory which results in a DoS. Un atacante remoto no autenticado puede provocar que el servidor web CODESYS acceda a una memoria no válida, lo que resulta en un DoS. An unauthenticated remote attacker can causes the CODESYS web server to access invalid memory which results in a DoS. • https://cert.vde.com/en/advisories/VDE-2024-057 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46461
https://notcve.org/view.php?id=CVE-2024-46461
25 Sep 2024 — VLC media player 3.0.20 and earlier is vulnerable to denial of service through an integer overflow which could be triggered with a maliciously crafted mms stream (heap based overflow). • https://www.videolan.org/security/sb-vlc3021.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46488
https://notcve.org/view.php?id=CVE-2024-46488
25 Sep 2024 — This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. • https://github.com/VulnSphere/LLMVulnSphere/blob/main/VectorDB/sqlite-vec/OOBR_2.md • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46935
https://notcve.org/view.php?id=CVE-2024-46935
24 Sep 2024 — Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service (DoS). Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser. • https://docs.rocket.chat/docs/rocketchat-security-fixes-updates-and-advisories •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46544 – Apache Tomcat Connectors: mod_jk: local users can view and modify configuration
https://notcve.org/view.php?id=CVE-2024-46544
23 Sep 2024 — Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure and/or denial of service. ... An Incorrect Default Permissions vulnerability was found in Apache Tomcat Connectors that allows local users to view and modify shared memory containing mod_jk configuration, which may lead to information disclosure and denial of service. • https://lists.apache.org/thread/q1gp7cc38hs1r8gj8gfnopwznd5fpr4d • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-42861
https://notcve.org/view.php?id=CVE-2024-42861
23 Sep 2024 — An issue in IEEE 802.1AS linuxptp v.4.2 and before allowing a remote attacker to cause a denial of service via a crafted Pdelay_Req message to the time synchronization function • https://github.com/qiupy123/CVE-2024-42861 •