CVE-2024-29074 – Telephony has an improper input validation vulnerability
https://notcve.org/view.php?id=CVE-2024-29074
in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through improper input. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-04.md • CWE-20: Improper Input Validation •
CVE-2024-22098 – AVSession has a use after free vulnerability
https://notcve.org/view.php?id=CVE-2024-22098
in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-04.md • CWE-416: Use After Free •
CVE-2024-29276
https://notcve.org/view.php?id=CVE-2024-29276
An issue was discovered in seeyonOA version 8, allows remote attackers to execute arbitrary code via the importProcess method in WorkFlowDesignerController.class component. Se descubrió un problema en seeyonOA versión 8, que permite a atacantes remotos ejecutar código arbitrario a través del método importProcess en el componente WorkFlowDesignerController.class. • https://www.cnblogs.com/Rainy-Day/p/18061399 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-31003
https://notcve.org/view.php?id=CVE-2024-31003
Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4_MemoryByteStream::WritePartial at Ap4ByteStream.cpp. Vulnerabilidad de desbordamiento de búfer en Bento4 Bento v.1.6.0-641 permite a un atacante remoto ejecutar código arbitrario a través de AP4_MemoryByteStream::WritePartial en Ap4ByteStream.cpp. • https://github.com/axiomatic-systems/Bento4/issues/939 https://github.com/zhangteng0526/CVE-information/blob/main/CVE-2024-31003 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-30858
https://notcve.org/view.php?id=CVE-2024-30858
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_fire_wall.php. netentsec NS-ASG 6.3 es vulnerable a la inyección SQL a través de /admin/edit_fire_wall.php. • https://github.com/hundanchen69/cve/blob/main/NS-ASG-sql-edit_fire_wall.md • CWE-94: Improper Control of Generation of Code ('Code Injection') •