CVE-2024-24581 – Arkcompiler runtime has an out-of-bounds write vulnerability
https://notcve.org/view.php?id=CVE-2024-24581
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution through out-of-bounds write. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-04.md • CWE-787: Out-of-bounds Write •
CVE-2024-29074 – Telephony has an improper input validation vulnerability
https://notcve.org/view.php?id=CVE-2024-29074
in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through improper input. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-04.md • CWE-20: Improper Input Validation •
CVE-2024-22098 – AVSession has a use after free vulnerability
https://notcve.org/view.php?id=CVE-2024-22098
in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-04.md • CWE-416: Use After Free •
CVE-2024-29276
https://notcve.org/view.php?id=CVE-2024-29276
An issue was discovered in seeyonOA version 8, allows remote attackers to execute arbitrary code via the importProcess method in WorkFlowDesignerController.class component. Se descubrió un problema en seeyonOA versión 8, que permite a atacantes remotos ejecutar código arbitrario a través del método importProcess en el componente WorkFlowDesignerController.class. • https://www.cnblogs.com/Rainy-Day/p/18061399 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-31003
https://notcve.org/view.php?id=CVE-2024-31003
Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4_MemoryByteStream::WritePartial at Ap4ByteStream.cpp. Vulnerabilidad de desbordamiento de búfer en Bento4 Bento v.1.6.0-641 permite a un atacante remoto ejecutar código arbitrario a través de AP4_MemoryByteStream::WritePartial en Ap4ByteStream.cpp. • https://github.com/axiomatic-systems/Bento4/issues/939 https://github.com/zhangteng0526/CVE-information/blob/main/CVE-2024-31003 • CWE-94: Improper Control of Generation of Code ('Code Injection') •