NotCVE-2023-0003 – RSA signature verification bypass via Arbitrary Code Execution in Sansa Connect bootloader
https://notcve.org/view.php?id=NotCVE-2023-0003
Attacker can supply image that combined with specific MPI length leads to Arbitrary Code Execution via overwritten return address on stack. • https://github.com/desowin/zsitool/blob/master/exploit.md • CWE-121: Stack-based Buffer Overflow •
NotCVE-2023-0001 – Secure Boot Bypass in MSM8916/APQ8016 Mobile SoC
https://notcve.org/view.php?id=NotCVE-2023-0001
A physical attacker may leverage improper protection against voltage glitching in Qualcomm’s Secure Boot implementation in chipsets MSM8916 and APQ8016 to execute arbitrary code in the device due to a badly secured hash value check. • https://cyberintel.es/cve/notCVE-2023-0001/ • CWE-1247: Improper Protection Against Voltage and Clock Glitches •
CVE-2024-10952 – Authors List <= 2.0.4 - Unauthenticated Arbitrary Shortcode Execution via update_authors_list_ajax
https://notcve.org/view.php?id=CVE-2024-10952
The The Authors List plugin for WordPress is vulnerable to arbitrary shortcode execution via update_authors_list_ajax AJAX action in all versions up to, and including, 2.0.4. ... This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-49415
https://notcve.org/view.php?id=CVE-2024-49415
Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=12 •
CVE-2024-49410
https://notcve.org/view.php?id=CVE-2024-49410
Out-of-bounds write in libswmfextractor.so prior to SMR Dec-2024 Release 1 allows local attackers to execute arbitrary code. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=12 •