CVSS: 8.8EPSS: 94%CPEs: 1EXPL: 1CVE-2023-52251 – Kafka UI 0.7.1 Command Injection
https://notcve.org/view.php?id=CVE-2023-52251
An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/{topic}/messages. Un problema descubierto en provectus kafka-ui v0.4.0 a v0.7.1 permite a atacantes remotos ejecutar código arbitrario a través del parámetro q de /api/clusters/local/topics/{topic}/messages. A command injection vulnerability exists in Kafka UI versions 0.4.0 through 0.7.1 that allows an attacker to inject and execute arbitrary shell commands via the groovy filter parameter at the topic section. • https://github.com/BobTheShoplifter/CVE-2023-52251-POC http://packetstormsecurity.com/files/177214/Kafka-UI-0.7.1-Command-Injection.html https://attackerkb.com/topics/ATJ1hTVB8H/cve-2023-52251 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0CVE-2023-31037
https://notcve.org/view.php?id=CVE-2023-31037
NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root user may cause code injection by a network call. • https://nvidia.custhelp.com/app/answers/detail/a_id/5511 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6846 – File Manager Pro <= 8.3.4 - Authenticated (Subscriber+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2023-6846
The File Manager Pro plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 8.3.4 via the mk_check_filemanager_php_syntax AJAX function. This makes it possible for authenticated attackers, with subscriber access and above, to execute code on the server. Version 8.3.5 introduces a capability check that prevents users lower than admin from executing this function. El complemento File Manager Pro para WordPress es vulnerable a la carga arbitraria de archivos en todas las versiones hasta la 8.3.4 incluida, a través de la función mk_check_filemanager_php_syntax AJAX. Esto hace posible que atacantes autenticados, con acceso de suscriptor y superior, ejecuten código en el servidor. • https://gist.github.com/Kun19/046b2b305cac5f2edd38037984c2e8e3 https://www.wordfence.com/threat-intel/vulnerabilities/id/1e8e0257-a745-495f-a103-c032b95209fc?source=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-0755 – Mozilla: Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7
https://notcve.org/view.php?id=CVE-2024-0755
Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. Errores de seguridad de la memoria presentes en Firefox 121, Firefox ESR 115.6 y Thunderbird 115.6. Algunos de estos errores mostraron evidencia de corrupción de memoria y suponemos que con suficiente esfuerzo algunos de ellos podrían haberse aprovechado para ejecutar código arbitrario. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1868456%2C1871445%2C1873701 https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html https://www.mozilla.org/security/advisories/mfsa2024-01 https://www.mozilla.org/security/advisories/mfsa2024-02 https://www.mozilla.org/security/advisories/mfsa2024-04 https://access.redhat.com/security/cve/CVE-2024-0755 https://bugzilla.redhat.com/show_bug.cgi?id=2259934 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-23222 – Apple Multiple Products WebKit Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2024-23222
Processing maliciously crafted web content may lead to arbitrary code execution. • https://support.apple.com/en-us/HT214055 https://support.apple.com/en-us/HT214059 https://support.apple.com/en-us/HT214061 https://support.apple.com/kb/HT214055 https://support.apple.com/kb/HT214056 https://support.apple.com/kb/HT214057 https://support.apple.com/kb/HT214058 https://support.apple.com/kb/HT214059 https://support.apple.com/kb/HT214061 https://support.apple.com/kb/HT214063 https://access.redhat.com/security/cve/CVE-2024-23222 https://bugzilla.r • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •