
CVE-2024-22429
https://notcve.org/view.php?id=CVE-2024-22429
17 May 2024 — A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution. • https://www.dell.com/support/kbdoc/en-us/000221102/dsa-2024-020 • CWE-20: Improper Input Validation •

CVE-2024-23522 – WordPress Formidable Forms plugin <= 6.7 - Content Injection vulnerability
https://notcve.org/view.php?id=CVE-2024-23522
17 May 2024 — Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Strategy11 Form Builder Team Formidable Forms allows Code Injection. This issue affects Formidable Forms: from n/a through 6.7. • https://patchstack.com/database/vulnerability/formidable/wordpress-formidable-forms-plugin-6-7-content-injection-vulnerability?_s_id=cve • CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •

CVE-2024-4453 – GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-4453
17 May 2024 — This flaw allows a remote attacker to send specially crafted content to the victim, allowing for arbitrary code execution within the context of the affected installation's process. • https://gitlab.freedesktop.org/tpm/gstreamer/-/commit/e68eccff103ab0e91e6d77a892f57131b33902f5 • CWE-190: Integer Overflow or Wraparound •

CVE-2024-1417 – Local Code Injection Vulnerability in AuthPoint Password Manager App for macOS Safari
https://notcve.org/view.php?id=CVE-2024-1417
16 May 2024 — Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in WatchGuard AuthPoint Password Manager on MacOS allows an adversary with local access to execute code under the context of the AuthPoint Password Manager application. This issue affects AuthPoint Password Manager for MacOS versions before 1.0.6. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00006 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVE-2023-48643
https://notcve.org/view.php?id=CVE-2023-48643
16 May 2024 — Shrubbery tac_plus 2.x, 3.x, and 4.x through F4.0.4.28 allows unauthenticated Remote Command Execution. The product allows users to configure authorization checks as shell commands through the tac_plus.cfg configuration file. These are executed when a client sends an authorization request with a username that has pre-authorization directives configured. However, it is possible to inject additional commands into these checks because strings from TACACS+ packets are used as command-line arguments. If the inst... • https://github.com/takeshixx/tac_plus-pre-auth-rce • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVE-2024-35187 – Stalwart Mail Server has privilege escalation by design
https://notcve.org/view.php?id=CVE-2024-35187
16 May 2024 — Prior to version 0.8.0, attackers who achieved Arbitrary Code Execution as the stalwart-mail user (including web interface admins) can gain complete root access to the system. Usually, system services are run as a separate user (not as root) to isolate an attacker with Arbitrary Code Execution to the current service. ... Server admins who handed out the admin credentials to the mail server, but didn't want to hand out complete root access to the system, as well as any attacked user when the at... • https://github.com/stalwartlabs/mail-server/security/advisories/GHSA-rwp5-f854-ppg6 • CWE-863: Incorrect Authorization •

CVE-2024-30314 – Dreamweaver Desktop | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)
https://notcve.org/view.php?id=CVE-2024-30314
16 May 2024 — Dreamweaver Desktop versions 21.3 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead to arbitrary code execution by an attacker. • https://helpx.adobe.com/security/products/dreamweaver/apsb24-39.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVE-2024-30291 – Adobe FrameMaker TIF File parsing Out Of Bound Write
https://notcve.org/view.php?id=CVE-2024-30291
16 May 2024 — Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/framemaker/apsb24-37.html • CWE-787: Out-of-bounds Write •

CVE-2024-30292 – Adobe FrameMaker GIF File parsing Out Of Bound Write
https://notcve.org/view.php?id=CVE-2024-30292
16 May 2024 — Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/framemaker/apsb24-37.html • CWE-787: Out-of-bounds Write •

CVE-2024-30290 – Adobe FrameMaker WEBP File Parsing Out Of Bound Write
https://notcve.org/view.php?id=CVE-2024-30290
16 May 2024 — Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/framemaker/apsb24-37.html • CWE-787: Out-of-bounds Write •