CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24707 – WordPress Cwicly plugin <= 1.4.0.2 - Auth. Remote Code Execution (RCE) vulnerability
https://notcve.org/view.php?id=CVE-2024-24707
Improper Control of Generation of Code ('Code Injection') vulnerability in Cwicly Builder, SL. • https://patchstack.com/database/vulnerability/cwicly/wordpress-cwicly-plugin-1-4-0-2-remote-code-execution-rce-vulnerability?_s_id=cve https://snicco.io/vulnerability-disclosure/cwicly/remote-code-execution-cwicly-1-4-0-2?_s_id=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25918 – WordPress InstaWP Connect plugin <= 0.1.0.8 - Auth. Remote Code Execution (RCE) vulnerability
https://notcve.org/view.php?id=CVE-2024-25918
Unrestricted Upload of File with Dangerous Type vulnerability in InstaWP Team InstaWP Connect allows Code Injection.This issue affects InstaWP Connect: from n/a through 0.1.0.8. Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en InstaWP Team InstaWP Connect permite la inyección de código. Este problema afecta a InstaWP Connect: desde n/a hasta 0.1.0.8. The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 0.1.0.8. This makes it possible for authenticated attackers, with subscriber-level access and above, to execute code on the server. • https://patchstack.com/database/vulnerability/instawp-connect/wordpress-instawp-connect-plugin-0-1-0-8-remote-code-execution-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type CWE-862: Missing Authorization •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-20587
https://notcve.org/view.php?id=CVE-2023-20587
Improper Access Control in System Management Mode (SMM) may allow an attacker access to the SPI flash potentially leading to arbitrary code execution. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7009 •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2024-21378 – Microsoft Outlook Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-21378
Microsoft Outlook Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft Outlook • https://github.com/d0rb/CVE-2024-21378 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21378 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.6EPSS: 5%CPEs: 15EXPL: 0CVE-2024-21351 – Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-21351
Windows SmartScreen Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la función de seguridad SmartScreen de Windows Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience and inject code to potentially gain code execution, which could lead to some data exposure, lack of system availability, or both. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21351 • CWE-94: Improper Control of Generation of Code ('Code Injection') •