CVE-2024-10131 – Remote Code Execution in infiniflow/ragflow
https://notcve.org/view.php?id=CVE-2024-10131
The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote code execution (RCE) vulnerability. The function uses user-supplied input `req['llm_factory']` and `req['llm_name']` to dynamically instantiate classes from various model dictionaries. This approach allows an attacker to potentially execute arbitrary code due to the lack of comprehensive input validation or sanitization. An attacker could provide a malicious value for 'llm_factory' that, when used as an index to these model dictionaries, results in the execution of arbitrary code. • https://huntr.com/bounties/42ae0b27-e851-4b58-a991-f691a437fbaa • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2024-37404
https://notcve.org/view.php?id=CVE-2024-37404
Improper Input Validation in the admin portal of Ivanti Connect Secure before 22.7R2.1 and 9.1R18.9, or Ivanti Policy Secure before 22.7R1.1 allows a remote authenticated attacker to achieve remote code execution. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-and-Policy-Secure-CVE-2024-37404 •
CVE-2024-49361 – Potential Vulnerability in ACON Library: Improper Input Validation Leading to Malicious Code Execution
https://notcve.org/view.php?id=CVE-2024-49361
A potential vulnerability has been identified in the input validation process, which could lead to arbitrary code execution if exploited. This issue could allow an attacker to submit malicious input data, bypassing input validation, resulting in remote code execution in certain machine learning applications using the ACON library. • https://github.com/torinriley/ACON/security/advisories/GHSA-345g-6rmp-3cv9 • CWE-20: Improper Input Validation •
CVE-2024-9264 – Grafana SQL Expressions allow for remote code execution
https://notcve.org/view.php?id=CVE-2024-9264
The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions. • https://github.com/z3k0sec/CVE-2024-9264-RCE-Exploit https://github.com/nollium/CVE-2024-9264 https://github.com/z3k0sec/File-Read-CVE-2024-9264 https://github.com/zgimszhd61/CVE-2024-9264 https://github.com/zgimszhd61/CVE-2024-9264-RCE https://github.com/PunitTailor55/Grafana-CVE-2024-9264 https://grafana.com/security/security-advisories/cve-2024-9264 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-9593 – Time Clock <= 1.2.2 & Time Clock Pro <= 1.1.4 - Unauthenticated (Limited) Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-9593
The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 (for Time Clock) and 1.1.4 (for Time Clock Pro) via the 'etimeclockwp_load_function_callback' function. This allows unauthenticated attackers to execute code on the server. • https://github.com/RandomRobbieBF/CVE-2024-9593 https://www.wordfence.com/threat-intel/vulnerabilities/id/247e599a-74e2-41d5-a1ba-978a807e6544?source=cve https://plugins.trac.wordpress.org/browser/time-clock/tags/1.2.2/includes/admin/ajax_functions_admin.php#L58 https://plugins.trac.wordpress.org/changeset/3171046/time-clock#file40 • CWE-94: Improper Control of Generation of Code ('Code Injection') •