CVE-2024-7620 – Customizer Export/Import <= 0.9.7 - Authenticated (Admin+) Arbitrary File Upload via Customization Settings Import
https://notcve.org/view.php?id=CVE-2024-7620
This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://plugins.trac.wordpress.org/changeset/3144365/customizer-export-import https://www.wordfence.com/threat-intel/vulnerabilities/id/7600e7df-725d-4877-b0bf-5329f814723f?source=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-8463 – File upload restriction bypass vulnerability in Job Portal
https://notcve.org/view.php?id=CVE-2024-8463
File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of which could allow an authenticated user to execute an RCE via webshell. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-45107 – ZDI-CAN-24186: Adobe Acrobat Reader DC Doc Object Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-45107
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://helpx.adobe.com/security/products/acrobat/apsb24-57.html • CWE-416: Use After Free •
CVE-2024-45063 – Multiple issues in ctl(4) CAM Target Layer
https://notcve.org/view.php?id=CVE-2024-45063
The function ctl_write_buffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host. • https://security.freebsd.org/advisories/FreeBSD-SA-24:11.ctl.asc • CWE-416: Use After Free •
CVE-2024-43110 – Multiple issues in ctl(4) CAM Target Layer
https://notcve.org/view.php?id=CVE-2024-43110
The ctl_request_sense function could expose up to three bytes of the kernel heap to userspace. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host. • https://security.freebsd.org/advisories/FreeBSD-SA-24:11.ctl.asc • CWE-125: Out-of-bounds Read •