CVE-2024-7509 – Trimble SketchUp SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7509
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •
CVE-2024-7539 – oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7539
This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of responses from AT+CUSD commands. ... An attacker can leverage this vulnerability to execute code in the context of root. ... This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. ... An attacker can leverage this vulnerability to execute code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-1079 • CWE-121: Stack-based Buffer Overflow •
CVE-2024-7544 – oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7544
This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of STK command PDUs. ... An attacker can leverage this vulnerability to execute code in the context of the service account. ... This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. ... An attacker can leverage this vulnerability to execute code in the context of the service account. • https://www.zerodayinitiative.com/advisories/ZDI-24-1084 • CWE-122: Heap-based Buffer Overflow •
CVE-2024-7510 – Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7510
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •
CVE-2024-7537 – oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-7537
An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-1077 • CWE-125: Out-of-bounds Read •