CVSS: 2.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8258 – Insecure Electron Fuses in Logitech Options Plus Allowing Arbitrary Code Execution on macOS
https://notcve.org/view.php?id=CVE-2024-8258
Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options Plus version 1.60.496306 on macOS allows attackers to execute arbitrary code via insecure Electron Fuses configuration. • https://www.electronjs.org/docs/latest/tutorial/fuses https://nvd.nist.gov/vuln/detail/CVE-2023-50643 https://nvd.nist.gov/vuln/detail/CVE-2023-49314 https://github.com/r3ggi/electroniz3r • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-6596 – Endress+Hauser: Multiple products are vulnerable to code injection
https://notcve.org/view.php?id=CVE-2024-6596
An unauthenticated remote attacker can run malicious c# code included in curve files and execute commands in the users context. • https://cert.vde.com/en/advisories/VDE-2024-041 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39384 – Premiere Pro | Out-of-bounds Write (CWE-787)
https://notcve.org/view.php?id=CVE-2024-39384
Premiere Pro versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Premiere Pro. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://helpx.adobe.com/security/products/premiere_pro/apsb24-58.html • CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-44871
https://notcve.org/view.php?id=CVE-2024-44871
An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows attackers to execute arbitrary code via uploading a crafted file. • https://github.com/moziloDasEinsteigerCMS/mozilo3.0 https://github.com/sec-fortress/Exploits/tree/main/CVE-2024-44871 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 3%CPEs: 30EXPL: 0CVE-2024-43461 – Microsoft Windows MSHTML Platform Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2024-43461
Windows MSHTML Platform Spoofing Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to execute code in the context of the current user. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43461 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •