CVE-2024-7253 – NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7253
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within nxnode.exe. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. •
CVE-2024-23968 – ChargePoint Home Flex SrvrToSmSetAutoChnlListMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23968
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. ... An attacker can leverage this vulnerability to execute code in the context of root. •
CVE-2024-23971 – ChargePoint Home Flex OCPP bswitch Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23971
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. ... The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. •
CVE-2024-39651 – WordPress WooCommerce PDF Vouchers plugin < 4.9.5 - Unauthenticated Arbitrary File Deletion vulnerability
https://notcve.org/view.php?id=CVE-2024-39651
This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). • https://patchstack.com/database/vulnerability/woocommerce-pdf-vouchers/wordpress-woocommerce-pdf-vouchers-plugin-4-9-5-unauthenticated-arbitrary-file-deletion-vulnerability?_s_id=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2024-23929 – Pioneer DMH-WT7600NEX Telematics Directory Traversal Arbitrary File Creation Vulnerability
https://notcve.org/view.php?id=CVE-2024-23929
An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. •