CVSS: 8.3EPSS: 0%CPEs: 7EXPL: 0CVE-2024-42501 – Authenticated Path Traversal Vulnerability Leads to a Remote Command Execution (RCE)
https://notcve.org/view.php?id=CVE-2024-42501
17 Sep 2024 — Successful exploitation of this vulnerability allows an attacker to install unsigned packages on the underlying operating system, enabling the threat actor to execute arbitrary code or install implants. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04709en_us&docLocale=en_US • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 2CVE-2024-38812 – VMware vCenter Server Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2024-38812
17 Sep 2024 — A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution. ... • https://github.com/maybeheisenberg/CVE-2024-38812 • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8845 – PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-8845
17 Sep 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. An attacker can leverage this in conjunction with other vulnerabilities to execut... • https://www.zerodayinitiative.com/advisories/ZDI-24-1268 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8818 – PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-8818
17 Sep 2024 — PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. ... An attacker can leverage this vulnerability to execute code in the context of the current process. A... • https://www.zerodayinitiative.com/advisories/ZDI-24-1241 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-8807 – Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-8807
17 Sep 2024 — Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cohesive Networks VNS3. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cohesive Networks VNS3. ... An attacker can leverage this vulnerability to execute code in the context of root. An attacker can le... • https://cohesive.net/support/security-responses • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8821 – PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-8821
17 Sep 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. An attacker can leverage this in conjunction with other vulnerabilities to execut... • https://www.zerodayinitiative.com/advisories/ZDI-24-1244 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8828 – PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-8828
17 Sep 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. An attacker can leverage this in conjunction with other vulnerabilities to execut... • https://www.zerodayinitiative.com/advisories/ZDI-24-1251 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8842 – PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-8842
17 Sep 2024 — PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. ... An attacker can leverage this vulnerability to execute code in the context of the current pr... • https://www.zerodayinitiative.com/advisories/ZDI-24-1265 • CWE-457: Use of Uninitialized Variable •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8824 – PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-8824
17 Sep 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. An attacker can leverage this in conjunction with other vulnerabilities to execut... • https://www.zerodayinitiative.com/advisories/ZDI-24-1247 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8834 – PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-8834
17 Sep 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. An attacker can leverage this in conjunction with other vulnerabilities to execut... • https://www.zerodayinitiative.com/advisories/ZDI-24-1257 • CWE-125: Out-of-bounds Read •