CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20785 – Adobe Indesign 2024 TIFF File Parsing Memory Corruption Remote Code Execution vulnerability
https://notcve.org/view.php?id=CVE-2024-20785
09 Jul 2024 — InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb24-48.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20783 – Adobe Indesign 2024 RLE File Parsing Heap Memory Corruption
https://notcve.org/view.php?id=CVE-2024-20783
09 Jul 2024 — InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb24-48.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20782 – Adobe Indesign WMF File Parsing Out Of Bound Write
https://notcve.org/view.php?id=CVE-2024-20782
09 Jul 2024 — InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb24-48.html • CWE-787: Out-of-bounds Write •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34123 – Adobe Premiere Pro arbitrary DLL loading lead to remote code execution
https://notcve.org/view.php?id=CVE-2024-34123
09 Jul 2024 — Premiere Pro versions 23.6.5, 24.4.1 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. • https://helpx.adobe.com/security/products/premiere_pro/apsb24-46.html • CWE-426: Untrusted Search Path •
CVSS: 10.0EPSS: 0%CPEs: 16EXPL: 0CVE-2024-6615 – Gentoo Linux Security Advisory 202412-04
https://notcve.org/view.php?id=CVE-2024-6615
09 Jul 2024 — Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1892875%2C1894428%2C1898364 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 16EXPL: 0CVE-2024-6611 – Gentoo Linux Security Advisory 202412-04
https://notcve.org/view.php?id=CVE-2024-6611
09 Jul 2024 — Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution. • https://bugzilla.mozilla.org/show_bug.cgi?id=1844827 • CWE-1275: Sensitive Cookie with Improper SameSite Attribute •
CVSS: 5.0EPSS: 0%CPEs: 17EXPL: 0CVE-2024-6608 – Gentoo Linux Security Advisory 202412-04
https://notcve.org/view.php?id=CVE-2024-6608
09 Jul 2024 — Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution. • https://bugzilla.mozilla.org/show_bug.cgi?id=1743329 •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-5974 – Firebox Authenticated Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2024-5974
09 Jul 2024 — A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3. Un desbordamiento del búfer en WatchGuard Fireware OS podría permitir que un atacante remoto autenticado con acceso de administración privilegiado ejecute código arbitrario con privilegios del sistema en el firewall. Este problema afecta al sistema operativo... • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-40726
https://notcve.org/view.php?id=CVE-2024-40726
09 Jul 2024 — A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-ports/{id}/edit/. Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web arbitrarios o HTML a través de un payload manipulado inyectado en el parámetro Name en /dcim/power-ports/{id}/edit/. • https://github.com/minhquan202/Vuln-Netbox • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-40735
https://notcve.org/view.php?id=CVE-2024-40735
09 Jul 2024 — A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-outlets/{id}/edit/. Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web o HTML de su elección a través de un payload manipulado inyectado en el parámetro Name en /dcim/power-outlets/{id}/edit/. • https://github.com/minhquan202/Vuln-Netbox • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •