CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2024-7352 – PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7352
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. •
CVSS: 7.6EPSS: 0%CPEs: -EXPL: 0CVE-2024-41630
https://notcve.org/view.php?id=CVE-2024-41630
Stack-based buffer overflow vulnerability in Tenda AC18 V15.03.3.10_EN allows a remote attacker to execute arbitrary code via the ssid parameter at ip/goform/fast_setting_wifi_set. • https://palm-vertebra-fe9.notion.site/form_fast_setting_wifi_set-fd47294cf4bb460bb95f804d39e53f34 https://www.tendacn.com/hk/download/detail-3852.html https://www.tendacn.com/hk/download/detail-3863.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-6233 – Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-6233
An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-38984
https://notcve.org/view.php?id=CVE-2024-38984
Prototype Pollution in lukebond json-override 0.2.0 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via the __proto__ property. • https://gist.github.com/mestrtee/97a9a7d73fc8b38fcf01322239dd5fb1 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 5.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-41304
https://notcve.org/view.php?id=CVE-2024-41304
An arbitrary file upload vulnerability in the uploadFileAction() function of WonderCMS v3.4.3 allows attackers to execute arbitrary code via a crafted SVG file. • https://github.com/patrickdeanramos/WonderCMS-version-3.4.3-SVG-Stored-Cross-Site-Scripting • CWE-94: Improper Control of Generation of Code ('Code Injection') •