CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43504 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43504
Microsoft Excel Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43504 • CWE-416: Use After Free •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-38229 – .NET and Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38229
.NET and Visual Studio Remote Code Execution Vulnerability A flaw was found in dotnet. When closing an HTTP/3 stream while application code is writing to the response body, a race condition can cause a use-after-free. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38229 https://access.redhat.com/security/cve/CVE-2024-38229 https://bugzilla.redhat.com/show_bug.cgi?id=2316161 • CWE-416: Use After Free •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2024-43480 – Azure Service Fabric for Linux Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43480
Azure Service Fabric for Linux Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43480 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2024-38261 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38261
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38261 • CWE-20: Improper Input Validation CWE-122: Heap-based Buffer Overflow CWE-126: Buffer Over-read •
CVSS: 7.2EPSS: 4%CPEs: -EXPL: 0CVE-2024-9380 – Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2024-9380
An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •