CVSS: 8.8EPSS: %CPEs: -EXPL: 0CVE-2024-23921 – ChargePoint Home Flex wlanapp Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23921
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. ... An attacker can leverage this vulnerability to execute code in the context of root. •
CVSS: 8.8EPSS: %CPEs: -EXPL: 0CVE-2024-23969 – ChargePoint Home Flex wlanchnllst Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23969
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. ... An attacker can leverage this vulnerability to execute code in the context of root. •
CVSS: 6.5EPSS: %CPEs: -EXPL: 0CVE-2024-23928 – Pioneer DMH-WT7600NEX Telematics Improper Certificate Validation Vulnerability
https://notcve.org/view.php?id=CVE-2024-23928
An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40645 – FOG Authenticated File Upload RCE
https://notcve.org/view.php?id=CVE-2024-40645
An improperly restricted file upload feature allows authenticated users to execute arbitrary code on the fogproject server. • https://github.com/FOGProject/fogproject/blob/a4bb1bf39ac53c3cbe623576915fbc3b5c80a00f/packages/web/lib/pages/fogconfigurationpage.class.php#L2860-L2896 https://github.com/FOGProject/fogproject/commit/9469606a18bf8887740cceed6593a2e0380b5e0c https://github.com/FOGProject/fogproject/security/advisories/GHSA-59mq-q8g5-2f4f • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6973 – Remote Code Execution in Cato Windows SDP client via crafted URLs
https://notcve.org/view.php?id=CVE-2024-6973
Remote Code Execution in Cato Windows SDP client via crafted URLs. This issue affects Windows SDP Client before 5.10.34. • https://support.catonetworks.com/hc/en-us/articles/19756987454237-CVE-2024-6973-Windows-SDP-Client-Remote-Code-Execution-via-crafted-URLs • CWE-20: Improper Input Validation •