CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20723 – Adobe Substance 3D Painter v9.0.1Build2822 Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2024-20723
Substance3D - Painter versions 9.1.1 and earlier are affected by a Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/substance3d_painter/apsb24-04.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-25502
https://notcve.org/view.php?id=CVE-2024-25502
Directory Traversal vulnerability in flusity CMS v.2.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via the download_backup.php component. Vulnerabilidad de Directory Traversal en flusity CMS v.2.4 permite a un atacante remoto ejecutar código arbitrario y obtener información confidencial a través del componente download_backup.php. • https://github.com/flusity/flusity-CMS/issues/10 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2023-6138
https://notcve.org/view.php?id=CVE-2023-6138
A potential security vulnerability has been identified in the system BIOS for certain HP Workstation PCs, which might allow escalation of privilege, arbitrary code execution, or denial of service. • https://support.hp.com/us-en/document/ish_10167884-10167908-16/hpsbhf03915 •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1471 – HTML Injection Vulnerability
https://notcve.org/view.php?id=CVE-2024-1471
An HTML injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Repository parameters, which could lead to HTML redirection attacks. Existe una vulnerabilidad de inyección de HTML en la que un atacante remoto autenticado con privilegios de administrador en la aplicación Security Center podría modificar los parámetros del repositorio, lo que podría provocar ataques de redirección de HTML. • https://www.tenable.com/security/tns-2024-02 • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 2CVE-2024-25301
https://notcve.org/view.php?id=CVE-2024-25301
Redaxo v5.15.1 was discovered to contain a remote code execution (RCE) vulnerability via the component /pages/templates.php. Se descubrió que Redaxo v5.15.1 contiene una vulnerabilidad de ejecución remota de código (RCE) a través del componente /pages/templates.php. • https://github.com/WoodManGitHub/MyCVEs/blob/main/2024-REDAXO/RCE.md https://github.com/evildrummer/MyOwnCVEs/tree/main/CVE-2021-39459 • CWE-94: Improper Control of Generation of Code ('Code Injection') •