CVE-2024-25713
https://notcve.org/view.php?id=CVE-2024-25713
yyjson through 0.8.0 has a double free, leading to remote code execution in some cases, because the pool_free function lacks loop checks. (pool_free is part of the pool series allocator, along with pool_malloc and pool_realloc.) • https://github.com/ibireme/yyjson/security/advisories/GHSA-q4m7-9pcm-fpxh https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6KQ67T4R7QEWURW5NMCCVLTBASL4ECHE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NNICQVIF7BRYFWYRL3HPVAJIPXN4OVTX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKQPEREDUDKGYJMFNFDQVYCVLWDRO2Y2 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-24821 – Code execution and possible privilege escalation via compromised InstalledVersions.php or installed.php in Composer
https://notcve.org/view.php?id=CVE-2024-24821
As such, under certain conditions arbitrary code execution may lead to local privilege escalation, provide lateral user movement or malicious code execution when Composer is invoked within a directory with tampered files. • https://github.com/composer/composer/commit/64e4eb356b159a30c766cd1ea83450a38dc23bf5 https://github.com/composer/composer/security/advisories/GHSA-7c6p-848j-wh5h • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVE-2024-25003 – KiTTY 0.76.1.13 - 'Start Duplicated Session Hostname' Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-25003
This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution. • https://www.exploit-db.com/exploits/51890 http://packetstormsecurity.com/files/177031/KiTTY-0.76.1.13-Command-Injection.html http://packetstormsecurity.com/files/177032/KiTTY-0.76.1.13-Buffer-Overflows.html http://seclists.org/fulldisclosure/2024/Feb/13 http://seclists.org/fulldisclosure/2024/Feb/14 https://blog.defcesco.io/CVE-2024-25003-CVE-2024-25004 • CWE-787: Out-of-bounds Write •
CVE-2024-25004 – KiTTY 0.76.1.13 - 'Start Duplicated Session Username' Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-25004
This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution. • https://www.exploit-db.com/exploits/51891 http://packetstormsecurity.com/files/177031/KiTTY-0.76.1.13-Command-Injection.html http://packetstormsecurity.com/files/177032/KiTTY-0.76.1.13-Buffer-Overflows.html http://seclists.org/fulldisclosure/2024/Feb/13 http://seclists.org/fulldisclosure/2024/Feb/14 https://blog.defcesco.io/CVE-2024-25003-CVE-2024-25004 • CWE-787: Out-of-bounds Write •
CVE-2024-23749 – KiTTY 0.76.1.13 - Command Injection
https://notcve.org/view.php?id=CVE-2024-23749
This allows an attacker to add inputs inside the filename variable, leading to arbitrary code execution. • https://www.exploit-db.com/exploits/51892 http://packetstormsecurity.com/files/177031/KiTTY-0.76.1.13-Command-Injection.html http://seclists.org/fulldisclosure/2024/Feb/13 http://seclists.org/fulldisclosure/2024/Feb/14 https://blog.defcesco.io/CVE-2024-23749 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •