CVE-2024-11320 – Command Injection leading to RCE via LDAP Misconfiguration
https://notcve.org/view.php?id=CVE-2024-11320
Arbitrary command execution on the server by exploiting a command injection vulnerability in the LDAP authentication mechanism. • https://pandorafms.com/en/security/common-vulnerabilities-and-exposures • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2024-49529 – InDesign Desktop | Out-of-bounds Read (CWE-125)
https://notcve.org/view.php?id=CVE-2024-49529
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe InDesign. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://helpx.adobe.com/security/products/indesign/apsb24-91.html • CWE-125: Out-of-bounds Read •
CVE-2024-51365
https://notcve.org/view.php?id=CVE-2024-51365
An arbitrary file upload vulnerability in the importSettings method of VisiCut v2.1 allows attackers to execute arbitrary code via uploading a crafted Zip file. • http://visicut.com https://download.visicut.org https://github.com/Gelcon/PoC-of-VisiCut2_1-Stack-Overflow-Vul •
CVE-2024-51366
https://notcve.org/view.php?id=CVE-2024-51366
An arbitrary file upload vulnerability in the component \Roaming\Omega of OmegaT v6.0.1 allows attackers to execute arbitrary code via uploading a crafted .conf file. • http://omegat.com https://github.com/Gelcon/PoCofOmegaTV6_0_1 https://omegat.org •
CVE-2024-11506 – IrfanView DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-11506
IrfanView DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.zerodayinitiative.com/advisories/ZDI-24-1594 • CWE-125: Out-of-bounds Read •