CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39651 – WordPress WooCommerce PDF Vouchers plugin < 4.9.5 - Unauthenticated Arbitrary File Deletion vulnerability
https://notcve.org/view.php?id=CVE-2024-39651
This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). • https://patchstack.com/database/vulnerability/woocommerce-pdf-vouchers/wordpress-woocommerce-pdf-vouchers-plugin-4-9-5-unauthenticated-arbitrary-file-deletion-vulnerability?_s_id=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-23929 – Pioneer DMH-WT7600NEX Telematics Directory Traversal Arbitrary File Creation Vulnerability
https://notcve.org/view.php?id=CVE-2024-23929
An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-23920 – ChargePoint Home Flex onboardee Improper Access Control Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23920
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-23921 – ChargePoint Home Flex wlanapp Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23921
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-23969 – ChargePoint Home Flex wlanchnllst Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23969
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. •