CVE-2024-4453 – GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-4453
This flaw allows a remote attacker to send specially crafted content to the victim, allowing for arbitrary code execution within the context of the affected installation's process. • https://gitlab.freedesktop.org/tpm/gstreamer/-/commit/e68eccff103ab0e91e6d77a892f57131b33902f5 https://lists.debian.org/debian-lts-announce/2024/05/msg00019.html https://www.zerodayinitiative.com/advisories/ZDI-24-467 https://access.redhat.com/security/cve/CVE-2024-4453 https://bugzilla.redhat.com/show_bug.cgi?id=2282999 • CWE-190: Integer Overflow or Wraparound •
CVE-2024-1417 – Local Code Injection Vulnerability in AuthPoint Password Manager App for macOS Safari
https://notcve.org/view.php?id=CVE-2024-1417
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in WatchGuard AuthPoint Password Manager on MacOS allows an a adversary with local access to execute code under the context of the AuthPoint Password Manager application. This issue affects AuthPoint Password Manager for MacOS versions before 1.0.6. La neutralización incorrecta de elementos especiales utilizados en una vulnerabilidad de comando ("Inyección de comando") en WatchGuard AuthPoint Password Manager en MacOS permite a un adversario con acceso local ejecutar código en el contexto de la aplicación AuthPoint Password Manager. Este problema afecta a AuthPoint Password Manager para versiones de MacOS anteriores a la 1.0.6. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00006 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2023-48643
https://notcve.org/view.php?id=CVE-2023-48643
Shrubbery tac_plus 2.x, 3.x. and 4.x through F4.0.4.28 allows unauthenticated Remote Command Execution. The product allows users to configure authorization checks as shell commands through the tac_plus.cfg configuration file. These are executed when a client sends an authorization request with a username that has pre-authorization directives configured. However, it is possible to inject additional commands into these checks because strings from TACACS+ packets are used as command-line arguments. If the installation lacks a a pre-shared secret (there is no pre-shared secret by default), then the injection can be triggered without authentication. • https://github.com/takeshixx/tac_plus-pre-auth-rce • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-35187 – Stalwart Mail Server has privilege escalation by design
https://notcve.org/view.php?id=CVE-2024-35187
Prior to version 0.8.0, attackers who achieved Arbitrary Code Execution as the stalwart-mail user (including web interface admins) can gain complete root access to the system. Usually, system services are run as a separate user (not as root) to isolate an attacker with Arbitrary Code Execution to the current service. ... Server admins who handed out the admin credentials to the mail server, but didn't want to hand out complete root access to the system, as well as any attacked user when the attackers gained Arbitrary Code Execution using another vulnerability, may be vulnerable. • https://github.com/stalwartlabs/mail-server/security/advisories/GHSA-rwp5-f854-ppg6 • CWE-863: Incorrect Authorization •
CVE-2024-33871 – ghostscript: OPVP device arbitrary code execution via custom Driver library
https://notcve.org/view.php?id=CVE-2024-33871
An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. ... This flaw allows a malicious user to send a specially crafted document that, when processed by Ghostscript, could potentially lead to arbitrary code execution with the privileges of the Ghostscript process on the system. • https://bugs.ghostscript.com/show_bug.cgi?id=707754 https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=7145885041bb52cc23964f0aa2aec1b1c82b5908 https://www.openwall.com/lists/oss-security/2024/06/28/2 https://access.redhat.com/security/cve/CVE-2024-33871 https://bugzilla.redhat.com/show_bug.cgi?id=2283508 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •