CVE-2023-50967
- EPSS 1.38%
- Veröffentlicht 20.03.2024 16:15:07
- Zuletzt bearbeitet 04.11.2025 22:15:55
latchset jose through version 11 allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.
CVE-2023-46839
- EPSS 0.81%
- Veröffentlicht 20.03.2024 11:15:08
- Zuletzt bearbeitet 13.01.2026 15:03:22
PCI devices can make use of a functionality called phantom functions, that when enabled allows the device to generate requests using the IDs of functions that are otherwise unpopulated. This allows a device to extend the number of outstanding reques...
CVE-2023-46840
- EPSS 0.26%
- Veröffentlicht 20.03.2024 11:15:08
- Zuletzt bearbeitet 13.01.2026 14:50:49
Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen.
CVE-2023-46841
- EPSS 0.27%
- Veröffentlicht 20.03.2024 11:15:08
- Zuletzt bearbeitet 04.11.2025 19:16:05
Recent x86 CPUs offer functionality named Control-flow Enforcement Technology (CET). A sub-feature of this are Shadow Stacks (CET-SS). CET-SS is a hardware feature designed to protect against Return Oriented Programming attacks. When enabled, tradit...
CVE-2024-2002
- EPSS 1.09%
- Veröffentlicht 18.03.2024 13:15:07
- Zuletzt bearbeitet 09.04.2025 15:36:37
A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.
CVE-2024-23672
- EPSS 2.31%
- Veröffentlicht 13.03.2024 16:15:29
- Zuletzt bearbeitet 07.08.2025 12:15:27
Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0....
CVE-2024-24549
- EPSS 23.07%
- Veröffentlicht 13.03.2024 16:15:29
- Zuletzt bearbeitet 29.10.2025 12:15:34
Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset unt...
CVE-2024-2400
- EPSS 0.7%
- Veröffentlicht 13.03.2024 04:15:08
- Zuletzt bearbeitet 19.12.2024 20:21:05
Use after free in Performance Manager in Google Chrome prior to 122.0.6261.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-43279
- EPSS 0.67%
- Veröffentlicht 12.03.2024 22:15:07
- Zuletzt bearbeitet 04.11.2025 19:15:58
Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command.
CVE-2024-28757
- EPSS 2.01%
- Veröffentlicht 10.03.2024 05:15:06
- Zuletzt bearbeitet 04.11.2025 22:15:59
libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).