CVE-2024-6819 – IrfanView PSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6819
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •
CVE-2024-6822 – IrfanView CIN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6822
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •
CVE-2024-6820 – IrfanView AWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6820
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •
CVE-2024-6821 – IrfanView CIN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6821
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •
CVE-2024-37084 – CVE-2024-37084: Remote code execution in Spring Cloud Data Flow
https://notcve.org/view.php?id=CVE-2024-37084
In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server • https://github.com/Kayiyan/CVE-2024-37084-Poc https://github.com/vuhz/CVE-2024-37084 https://spring.io/security/cve-2024-37084 • CWE-94: Improper Control of Generation of Code ('Code Injection') •