CVE-2024-28893
https://notcve.org/view.php?id=CVE-2024-28893
Certain HP software packages (SoftPaqs) are potentially vulnerable to arbitrary code execution when the SoftPaq configuration file has been modified after extraction. • https://support.hp.com/us-en/document/ish_10502451-10502508-16/hpsbhf03931 •
CVE-2024-31413
https://notcve.org/view.php?id=CVE-2024-31413
Opening a specially crafted project file may lead to arbitrary code execution. • https://jvn.jp/en/vu/JVNVU98274902 https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2024-002_en.pdf •
CVE-2024-32018 – Ineffective size check due to assert() and buffer overflow in RIOT
https://notcve.org/view.php?id=CVE-2024-32018
If the unchecked input above is attacker-controlled and crosses a security boundary, the impact of the buffer overflow vulnerability could range from denial of service to arbitrary code execution. • http://seclists.org/fulldisclosure/2024/May/7 http://www.openwall.com/lists/oss-security/2024/05/07/3 https://github.com/RIOT-OS/RIOT/blob/master/pkg/nimble/scanlist/nimble_scanlist.c#L74-L87 https://github.com/RIOT-OS/RIOT/security/advisories/GHSA-899m-q6pp-hmp3 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-32017 – Buffer overflows in RIOT
https://notcve.org/view.php?id=CVE-2024-32017
If the input above is attacker-controlled and crosses a security boundary, the impact of the buffer overflow vulnerabilities could range from denial of service to arbitrary code execution. • http://seclists.org/fulldisclosure/2024/May/7 http://www.openwall.com/lists/oss-security/2024/05/07/3 https://github.com/RIOT-OS/RIOT/blob/master/sys/net/application_layer/gcoap/dns.c#L319-L325 https://github.com/RIOT-OS/RIOT/blob/master/sys/net/application_layer/gcoap/forward_proxy.c#L352 https://github.com/RIOT-OS/RIOT/security/advisories/GHSA-v97j-w9m6-c4h3 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-31225 – Lack of size check and buffer overflow in RIOT
https://notcve.org/view.php?id=CVE-2024-31225
If the unchecked input above is attacker-controlled and crosses a security boundary, the impact of the buffer overflow vulnerability could range from denial of service to arbitrary code execution. • http://seclists.org/fulldisclosure/2024/May/7 http://www.openwall.com/lists/oss-security/2024/05/07/3 https://github.com/RIOT-OS/RIOT/blob/master/sys/net/application_layer/cord/lc/cord_lc.c#L218 https://github.com/RIOT-OS/RIOT/security/advisories/GHSA-2572-7q7c-3965 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •