CVSS: 7.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-34660
https://notcve.org/view.php?id=CVE-2024-34660
Heap-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code. • https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=09 •
CVSS: 8.6EPSS: 0%CPEs: -EXPL: 0CVE-2024-34657
https://notcve.org/view.php?id=CVE-2024-34657
Stack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote attackers to execute arbitrary code. • https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=09 •
CVSS: 7.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-34656
https://notcve.org/view.php?id=CVE-2024-34656
Path traversal in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code. • https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=09 •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-44808
https://notcve.org/view.php?id=CVE-2024-44808
An issue in Vypor Attack API System v.1.0 allows a remote attacker to execute arbitrary code via the user GET parameter. • https://github.com/Vypor/Vypors-Attack-API-System https://jacobmasse.medium.com/cve-2024-44808-remote-command-execution-in-vypor-ddos-attack-api-1ed073725595 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7627 – Bit File Manager 6.0 - 6.5.5 - Unauthenticated Remote Code Execution via Race Condition
https://notcve.org/view.php?id=CVE-2024-7627
The Bit File Manager plugin for WordPress is vulnerable to Remote Code Execution in versions 6.0 to 6.5.5 via the 'checkSyntax' function. • https://plugins.trac.wordpress.org/browser/file-manager/trunk/backend/app/Providers/FileEditValidator.php#L39 https://plugins.trac.wordpress.org/browser/file-manager/trunk/backend/app/Providers/FileEditValidator.php#L88 https://plugins.trac.wordpress.org/changeset/3138710 https://www.wordfence.com/threat-intel/vulnerabilities/id/5f29de7a-3f15-4b6d-aad7-6a08151e2113?source=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •