
CVE-2023-50186 – GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-50186
19 Apr 2024 — A successful attack may lead to an application crash or arbitrary code execution if malformed media files are opened. • https://gstreamer.freedesktop.org/security/sa-2023-0011.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •

CVE-2023-49502 – Ubuntu Security Notice USN-6803-1
https://notcve.org/view.php?id=CVE-2023-49502
19 Apr 2024 — An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. • https://github.com/FFmpeg/FFmpeg • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2024-31621 – Flowise 1.6.5 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2024-31621
19 Apr 2024 — An issue in FlowiseAI Inc Flowise v.1.6.2 and before allows a remote attacker to execute arbitrary code via a crafted script to the api/v1 component. Flowise version 1.6.5 suffers from an authentication bypass vulnerability. • https://packetstorm.news/files/id/178204 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVE-2024-2961 – glibc: Out of bounds write in iconv may lead to remote code execution
https://notcve.org/view.php?id=CVE-2024-2961
17 Apr 2024 — It was discovered that the GNU C Library, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution. • https://packetstorm.news/files/id/182289 • CWE-787: Out-of-bounds Write •

CVE-2024-32680 – WordPress HUSKY plugin <= 1.3.5.2 - Remote Code Execution (RCE) vulnerability
https://notcve.org/view.php?id=CVE-2024-32680
17 Apr 2024 — Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Control of Generation of Code ('Code Injection') vulnerability in PluginUS HUSKY – Products Filter for WooCommerce (formerly WOOF) allows Using Malicious Files, Code Inclusion. This issue affects HUSKY – Products Filter for WooCommerce (formerly WOOF): from n/a through 1.3.5.2. • https://patchstack.com/database/vulnerability/woocommerce-products-filter/wordpress-husky-plugin-1-3-5-2-remote-code-execution-rce-vulnerability?_s_id=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVE-2024-31585 – Ubuntu Security Notice USN-6803-1
https://notcve.org/view.php?id=CVE-2024-31585
17 Apr 2024 — An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. • https://gist.github.com/1047524396/dc2c64ffe0c3934a6176bcd2c5cf5656 • CWE-193: Off-by-one Error •

CVE-2024-31578 – Ubuntu Security Notice USN-6803-1
https://notcve.org/view.php?id=CVE-2024-31578
17 Apr 2024 — An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. • https://gist.github.com/1047524396/45400cce5859d78dcd3a62010df8d179 • CWE-416: Use After Free •

CVE-2024-31582 – Ubuntu Security Notice USN-6803-1
https://notcve.org/view.php?id=CVE-2024-31582
17 Apr 2024 — An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. • https://gist.github.com/1047524396/b47d5efe3bc420fb91dbb77c73c0fff3 • CWE-122: Heap-based Buffer Overflow •

CVE-2024-3660 – Arbitrary code injection vulnerability in Keras framework < 2.13
https://notcve.org/view.php?id=CVE-2024-3660
16 Apr 2024 — An arbitrary code injection vulnerability in TensorFlow's Keras framework (<2.13) allows attackers to execute arbitrary code with the same permissions as the application using a model that allows arbitrary code irrespective of the application. • https://kb.cert.org/vuls/id/253266 •

CVE-2024-32599 – WordPress WP Dummy Content Generator plugin <= 3.2.1 - Arbitrary Code Execution vulnerability
https://notcve.org/view.php?id=CVE-2024-32599
16 Apr 2024 — Improper Control of Generation of Code ('Code Injection') vulnerability in Deepak anand WP Dummy Content Generator. This issue affects WP Dummy Content Generator: from n/a through 3.2.1. • https://patchstack.com/database/vulnerability/wp-dummy-content-generator/wordpress-wp-dummy-content-generator-plugin-3-2-1-arbitrary-code-execution-vulnerability? • CWE-94: Improper Control of Generation of Code ('Code Injection') •