CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31334 – PowerVR DevmemXIntMapPages() Mapping Issue
https://notcve.org/view.php?id=CVE-2024-31334
In DevmemIntFreeDefBackingPage of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. • https://source.android.com/security/bulletin/2024-07-01 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37061
https://notcve.org/view.php?id=CVE-2024-37061
Remote Code Execution can occur in versions of the MLflow platform running version 1.11.0 or newer, enabling a maliciously crafted MLproject to execute arbitrary code on an end user’s system when run. La ejecución remota de código puede ocurrir en versiones de la plataforma MLflow que ejecutan la versión 1.11.0 o posterior, lo que permite que un proyecto ML creado con fines malintencionados ejecute código arbitrario en el sistema de un usuario final cuando se ejecuta. • https://hiddenlayer.com/sai-security-advisory/mlflow-june2024 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-20881
https://notcve.org/view.php?id=CVE-2024-20881
Improper input validation vulnerability in chnactiv TA prior to SMR Jun-2024 Release 1 allows local privileged attackers lead to potential arbitrary code execution. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=06 •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-36569
https://notcve.org/view.php?id=CVE-2024-36569
Sourcecodester Gas Agency Management System v1.0 is vulnerable to arbitrary code execution via editClientImage.php. • https://github.com/debug601/bug_report/blob/main/vendors/mayuri_k/gas-agency-management-system/RCE-1.md • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-36568
https://notcve.org/view.php?id=CVE-2024-36568
Sourcecodester Gas Agency Management System v1.0 is vulnerable to SQL Injection via /gasmark/editbrand.php?id=. Sourcecodester Gas Agency Management System v1.0 es vulnerable a la inyección SQL a través de /gasmark/editbrand.php?id=. • https://github.com/debug601/bug_report/blob/main/vendors/mayuri_k/gas-agency-management-system/SQL-1.md • CWE-94: Improper Control of Generation of Code ('Code Injection') •