CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45150 – Dimension | Out-of-bounds Write (CWE-787)
https://notcve.org/view.php?id=CVE-2024-45150
Dimension versions 4.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/dimension/apsb24-74.html • CWE-787: Out-of-bounds Write •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-48027 – WordPress External featured image from bing plugin <= 1.0.2 - Remote Code Execution (RCE) vulnerability
https://notcve.org/view.php?id=CVE-2024-48027
Unrestricted Upload of File with Dangerous Type vulnerability in xaraartech External featured image from bing allows Upload a Web Shell to a Web Server.This issue affects External featured image from bing: from n/a through 1.0.2. La carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en xaraartech External featured image from bing permite cargar un Web Shell a un servidor web. Este problema afecta a la imagen externa destacada de Bing: desde n/a hasta 1.0.2. The External featured image from bing plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute code on the server. • https://patchstack.com/database/vulnerability/external-featured-image-from-bing/wordpress-external-featured-image-from-bing-plugin-1-0-2-remote-code-execution-rce-vulnerability?_s_id=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8422 – Schneider Electric Zelio Soft 2 ZM2 File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-8422
CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when application user opens a malicious Zelio Soft 2 project file. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-282-06&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-282-06.pdf • CWE-416: Use After Free •
CVSS: 4.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-39831 – AccessTokenManager has an use after free vulnerability
https://notcve.org/view.php?id=CVE-2024-39831
in OpenHarmony v4.1.0 allow a local attacker with high privileges arbitrary code execution in pre-installed apps through use after free. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-10.md • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45138 – Substance3D - Stager | Use After Free (CWE-416)
https://notcve.org/view.php?id=CVE-2024-45138
Substance3D - Stager versions 3.0.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html • CWE-416: Use After Free •