CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-21832 – PingFederate REST API Data Store Injection
https://notcve.org/view.php?id=CVE-2024-21832
09 Jul 2024 — A potential JSON injection attack vector exists in PingFederate REST API data stores using the POST method and a JSON request body. Existe un posible vector de ataque de inyección JSON en los almacenes de datos de la API REST de PingFederate utilizando el método POST y un cuerpo de solicitud JSON. • https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34726
https://notcve.org/view.php?id=CVE-2024-34726
09 Jul 2024 — In PVRSRV_MMap of pvr_bridge_k.c, there is a possible arbitrary code execution due to a logic error in the code. • https://source.android.com/security/bulletin/2024-07-01 • CWE-783: Operator Precedence Logic Error •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34725
https://notcve.org/view.php?id=CVE-2024-34725
09 Jul 2024 — In DevmemIntUnexportCtx of devicemem_server.c, there is a possible arbitrary code execution due to a race condition. • https://source.android.com/security/bulletin/2024-07-01 • CWE-269: Improper Privilege Management CWE-284: Improper Access Control •
CVSS: 7.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-34720
https://notcve.org/view.php?id=CVE-2024-34720
09 Jul 2024 — In com_android_internal_os_ZygoteCommandBuffer_nativeForkRepeatedly of com_android_internal_os_ZygoteCommandBuffer.cpp, there is a possible method to perform arbitrary code execution in any app zygote processes due to a logic error in the code. • https://android.googlesource.com/platform/frameworks/base/+/293e9ac230851acbec73f5ab12928d113d6283e1 • CWE-783: Operator Precedence Logic Error •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23711
https://notcve.org/view.php?id=CVE-2024-23711
09 Jul 2024 — In DevmemXIntUnreserveRange of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. • https://source.android.com/security/bulletin/2024-06-01 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23698
https://notcve.org/view.php?id=CVE-2024-23698
09 Jul 2024 — In RGXFWChangeOSidPriority of rgxfwutils.c, there is a possible arbitrary code execution due to a missing bounds check. • https://source.android.com/security/bulletin/2024-06-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23697
https://notcve.org/view.php?id=CVE-2024-23697
09 Jul 2024 — In RGXCreateHWRTData_aux of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. • https://source.android.com/security/bulletin/2024-06-01 • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23696
https://notcve.org/view.php?id=CVE-2024-23696
09 Jul 2024 — In RGXCreateZSBufferKM of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. • https://source.android.com/security/bulletin/2024-06-01 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34139 – Adobe Bridge has an integer overflow vulnerability when parsing SVG file
https://notcve.org/view.php?id=CVE-2024-34139
09 Jul 2024 — Bridge versions 14.0.4, 13.0.7, 14.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/bridge/apsb24-51.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20781 – Adobe Indesign TIF File Parsing Heap Memory Corruption
https://notcve.org/view.php?id=CVE-2024-20781
09 Jul 2024 — InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb24-48.html • CWE-122: Heap-based Buffer Overflow •