CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43504 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43504
08 Oct 2024 — Microsoft Excel Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43504 • CWE-416: Use After Free •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-38229 – .NET and Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38229
08 Oct 2024 — .NET and Visual Studio Remote Code Execution Vulnerability A flaw was found in dotnet. When closing an HTTP/3 stream while application code is writing to the response body, a race condition can cause a use-after-free. ... An attacker could possibly use this issue to achieve remote code execution. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38229 • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-43480 – Azure Service Fabric for Linux Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43480
08 Oct 2024 — Azure Service Fabric for Linux Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43480 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2024-38261 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38261
08 Oct 2024 — Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38261 • CWE-20: Improper Input Validation CWE-122: Heap-based Buffer Overflow CWE-126: Buffer Over-read •
CVSS: 8.3EPSS: 4%CPEs: 1EXPL: 0CVE-2024-9380 – Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2024-9380
08 Oct 2024 — An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8422 – Schneider Electric Zelio Soft 2 ZM2 File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-8422
08 Oct 2024 — CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when application user opens a malicious Zelio Soft 2 project file. CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when application user opens a malicious Zelio Soft 2 project file. This vulnerability allows remote attackers to ex... • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-282-06&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-282-06.pdf • CWE-416: Use After Free •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47553
https://notcve.org/view.php?id=CVE-2024-47553
08 Oct 2024 — This could allow an authenticated, lowly privileged remote attacker to execute arbitrary code with root privileges on the underlying OS. • https://cert-portal.siemens.com/productcert/html/ssa-430425.html • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-45471 – Siemens Tecnomatix Plant Simulation WRL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-45471
08 Oct 2024 — This could allow an attacker to execute code in the context of the current process. ... This could allow an attacker to execute code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://cert-portal.siemens.com/productcert/html/ssa-583523.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-45469 – Siemens Tecnomatix Plant Simulation WRL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-45469
08 Oct 2024 — This could allow an attacker to execute code in the context of the current process. ... This could allow an attacker to execute code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://cert-portal.siemens.com/productcert/html/ssa-583523.html • CWE-787: Out-of-bounds Write •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34669
https://notcve.org/view.php?id=CVE-2024-34669
08 Oct 2024 — Out-of-bounds write in parsing h.263+ format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=10 •