CVE-2024-23226
https://notcve.org/view.php?id=CVE-2024-23226
Processing web content may lead to arbitrary code execution. • http://seclists.org/fulldisclosure/2024/Mar/21 http://seclists.org/fulldisclosure/2024/Mar/24 http://seclists.org/fulldisclosure/2024/Mar/25 http://seclists.org/fulldisclosure/2024/Mar/26 https://support.apple.com/en-us/HT214081 https://support.apple.com/en-us/HT214084 https://support.apple.com/en-us/HT214086 https://support.apple.com/en-us/HT214087 https://support.apple.com/en-us/HT214088 •
CVE-2024-28115 – Privilege Escalation in FreeRTOS Kernel ARMv7-M MPU ports and ARMv8-M ports with MPU support enabled
https://notcve.org/view.php?id=CVE-2024-28115
FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. • https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2 https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r • CWE-284: Improper Access Control •
CVE-2024-0917
https://notcve.org/view.php?id=CVE-2024-0917
remote code execution in paddlepaddle/paddle 2.6.0 ejecución remota de código en paddlepaddle/paddle 2.6.0 • https://huntr.com/bounties/2d840735-e255-4700-9709-6f7361829119 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2023-51395 – Z-Wave S0 Decryption Vulnerability in End Devices
https://notcve.org/view.php?id=CVE-2023-51395
This vulnerability may allow an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution. • https://community.silabs.com/068Vm0000029Xq5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVE-2023-41503
https://notcve.org/view.php?id=CVE-2023-41503
Student Enrollment In PHP v1.0 was discovered to contain a SQL injection vulnerability via the Login function. Se descubrió que Student Enrollment In PHP v1.0 contiene una vulnerabilidad de inyección SQL a través de la función de inicio de sesión. • https://github.com/ASR511-OO7/CVE-2023-41503 https://github.com/ASR511-OO7/CVE-2023-41503/blob/main/CVE-26 • CWE-94: Improper Control of Generation of Code ('Code Injection') •