CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2024-6819 – IrfanView PSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6819
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. •
CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2024-6822 – IrfanView CIN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6822
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. •
CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2024-6820 – IrfanView AWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6820
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. •
CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2024-6821 – IrfanView CIN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6821
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 2CVE-2024-37084 – CVE-2024-37084: Remote code execution in Spring Cloud Data Flow
https://notcve.org/view.php?id=CVE-2024-37084
In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server • https://github.com/Kayiyan/CVE-2024-37084-Poc https://github.com/vuhz/CVE-2024-37084 https://spring.io/security/cve-2024-37084 • CWE-94: Improper Control of Generation of Code ('Code Injection') •