CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9735 – Tungsten Automation Power PDF JPF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-9735
11 Oct 2024 — Tungsten Automation Power PDF JPF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. ... An attacker can leverage this vulnerability to execute code... • https://www.zerodayinitiative.com/advisories/ZDI-24-1365 • CWE-787: Out-of-bounds Write •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9761 – Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9761
11 Oct 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. An attacker can leverage this in conjunction with other vulner... • https://www.zerodayinitiative.com/advisories/ZDI-24-1366 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9764 – Tungsten Automation Power PDF PDF File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-9764
11 Oct 2024 — Tungsten Automation Power PDF PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. ... An attacker can leverage this vulnerability to execute code ... • https://www.zerodayinitiative.com/advisories/ZDI-24-1362 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2024-42640
https://notcve.org/view.php?id=CVE-2024-42640
11 Oct 2024 — angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via demo/server.php. ... This leads to the execution of previously uploaded content and enables the attacker to achieve code execution on the server. • https://www.zyenra.com/blog/unauthenticated-rce-in-angular-base64-upload.html • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45316 – SonicWALL Connect Tunnel Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-45316
11 Oct 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Secure Mobile Access service. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9732 – Tungsten Automation Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-9732
11 Oct 2024 — Tungsten Automation Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. ... An attacker can leverage this vulnerability to execute code ... • https://www.zerodayinitiative.com/advisories/ZDI-24-1337 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-46532
https://notcve.org/view.php?id=CVE-2024-46532
11 Oct 2024 — SQL Injection vulnerability in OpenHIS v.1.0 allows an attacker to execute arbitrary code via the refund function in the PayController.class.php component. • https://github.com/KamenRiderDarker/CVE-2024-46532 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9719 – Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-9719
11 Oct 2024 — Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. ... An attacker can leverage this vulnerability to execute code in the context of ... • https://www.zerodayinitiative.com/advisories/ZDI-24-1379 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9746 – Tungsten Automation Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-9746
11 Oct 2024 — Tungsten Automation Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. ... An attacker can leverage this vulnerability to execute code... • https://www.zerodayinitiative.com/advisories/ZDI-24-1345 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9751 – Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-9751
11 Oct 2024 — Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. ... An attacker can leverage this vulnerability to execute code<... • https://www.zerodayinitiative.com/advisories/ZDI-24-1363 • CWE-125: Out-of-bounds Read •