CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8594 – Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-8594
29 Oct 2024 — A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8593 – Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-8593
29 Oct 2024 — A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8591 – Autodesk AutoCAD 3DM File Parsing Heap-based Buffer Overflow Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-8591
29 Oct 2024 — A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8590 – Autodesk AutoCAD 3DM File Parsing Use-After-Free Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-8590
29 Oct 2024 — A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8589 – Autodesk AutoCAD SLDPRT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-8589
29 Oct 2024 — A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autodesk AutoCAD. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8588 – Autodesk AutoCAD SLDPRT File Parsing Out-Of-Bounds Read Vulnerability
https://notcve.org/view.php?id=CVE-2024-8588
29 Oct 2024 — A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-8587 – Autodesk AutoCAD SLDPRT File Parsing Heap-based Buffer Overflow Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-8587
29 Oct 2024 — A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 • CWE-122: Heap-based Buffer Overflow •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-8396
https://notcve.org/view.php?id=CVE-2024-8396
29 Oct 2024 — An attacker can exploit this by creating a tarfile with absolute paths, leading to arbitrary file overwrite and potential remote code execution. •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6581 – Remote Code Execution due to Stored XSS in parisneo/lollms
https://notcve.org/view.php?id=CVE-2024-6581
29 Oct 2024 — Due to incomplete filtering in the sanitize_svg function, this can lead to cross-site scripting (XSS) vulnerabilities, which in turn pose a risk of remote code execution. • https://github.com/parisneo/lollms/commit/328b960a0de2097e13654ac752253e9541521ddd • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6868 – Arbitrary File Write in mudler/LocalAI
https://notcve.org/view.php?id=CVE-2024-6868
29 Oct 2024 — This vulnerability can lead to remote code execution (RCE) by overwriting backend assets used by the server. • https://github.com/mudler/localai/commit/a181dd0ebc5d3092fc50f61674d552604fe8ef9c • CWE-20: Improper Input Validation •