CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2024-6815 – IrfanView RLE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6815
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. •
CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2024-6816 – IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6816
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6431 – Media.net Ads Manager <= 2.10.13 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-6431
This makes it possible for authenticated attackers, with subscriber-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://plugins.trac.wordpress.org/browser/media-net-ads-manager/tags/2.10.13/app/admin/MnetAdHandleAjaxCalls.php#L206 https://www.wordfence.com/threat-intel/vulnerabilities/id/54fac673-2d83-4d06-a4c0-8bffc269a90c?source=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-6817 – IrfanView PSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6817
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-6818 – IrfanView PSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6818
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. •