CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-31029
https://notcve.org/view.php?id=CVE-2023-31029
A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5510 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-0252 – Remote code execution
https://notcve.org/view.php?id=CVE-2024-0252
ManageEngine ADSelfService Plus versions 6401 and below are vulnerable to the remote code execution due to the improper handling in the load balancer component. Authentication is required in order to exploit this vulnerability. Las versiones 6401 e inferiores de ManageEngine ADSelfService Plus son vulnerables a la ejecución remota de código debido al manejo inadecuado en el componente del balanceador de carga. • https://www.manageengine.com/products/self-service-password/advisory/CVE-2024-0252.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22190 – Untrusted search path under some conditions on Windows allows arbitrary code execution
https://notcve.org/view.php?id=CVE-2024-22190
GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run `git`, as well as when it runs `bash.exe` to interpret hooks. If either of those features are used on Windows, a malicious `git.exe` or `bash.exe` may be run from an untrusted repository. This issue has been patched in version 3.1.41. • https://github.com/gitpython-developers/GitPython/commit/ef3192cc414f2fd9978908454f6fd95243784c7f https://github.com/gitpython-developers/GitPython/pull/1792 https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-2mqj-m65w-jghx • CWE-426: Untrusted Search Path •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-40414 – webkitgtk: Processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-40414
Processing web content may lead to arbitrary code execution. • http://www.openwall.com/lists/oss-security/2024/02/05/8 https://support.apple.com/en-us/HT213936 https://support.apple.com/en-us/HT213937 https://support.apple.com/en-us/HT213938 https://support.apple.com/en-us/HT213940 https://support.apple.com/en-us/HT213941 https://access.redhat.com/security/cve/CVE-2023-40414 https://bugzilla.redhat.com/show_bug.cgi?id=2270143 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-42833 – webkitgtk: Processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-42833
Processing web content may lead to arbitrary code execution. ... This flaw allows a remote attacker to trigger arbitrary code execution by persuading a victim to visit a specially crafted website. • http://www.openwall.com/lists/oss-security/2024/02/05/8 https://support.apple.com/en-us/HT213938 https://support.apple.com/en-us/HT213940 https://support.apple.com/en-us/HT213941 https://access.redhat.com/security/cve/CVE-2023-42833 https://bugzilla.redhat.com/show_bug.cgi?id=2270146 •