CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8255 – Path Traversal in Ocean Data Systems Dream Report
https://notcve.org/view.php?id=CVE-2024-8255
Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote code execution through a deserialization of untrusted data vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DTN Soft. ... An attacker can leverage this vulnerability to execute code in the context of an administrator. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-242-02 • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-41367
https://notcve.org/view.php?id=CVE-2024-41367
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\api\playlist\appendFileToPlaylist.php • https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2397 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-44777 – vTiger CRM 7.4.0 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2024-44777
A reflected cross-site scripting (XSS) vulnerability in the tag parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. vTiger CRM version 7.4.0 suffers from multiple reflective cross site scripting vulnerabilities. • http://vtiger.com https://packetstormsecurity.com/files/180462/vTiger-CRM-7.4.0-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-41364
https://notcve.org/view.php?id=CVE-2024-41364
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\trackEdit.php • https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2400 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-44778 – vTiger CRM 7.4.0 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2024-44778
A reflected cross-site scripting (XSS) vulnerability in the parent parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. vTiger CRM version 7.4.0 suffers from multiple reflective cross site scripting vulnerabilities. • http://vtiger.com https://packetstormsecurity.com/files/180462/vTiger-CRM-7.4.0-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •