CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2024-6233 – Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-6233
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Forensic Recorder service. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-39012
https://notcve.org/view.php?id=CVE-2024-39012
This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. • https://gist.github.com/mestrtee/acfbd724a4b73bfb5d030575b653453c • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 5.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-41304
https://notcve.org/view.php?id=CVE-2024-41304
An arbitrary file upload vulnerability in the uploadFileAction() function of WonderCMS v3.4.3 allows attackers to execute arbitrary code via a crafted SVG file. • https://github.com/patrickdeanramos/WonderCMS-version-3.4.3-SVG-Stored-Cross-Site-Scripting • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-39011
https://notcve.org/view.php?id=CVE-2024-39011
Prototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via the function mergeObjects. • https://gist.github.com/mestrtee/693ef1c8b0a5ff1ae19f253381711f3e • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-38986
https://notcve.org/view.php?id=CVE-2024-38986
Prototype Pollution in 75lb deep-merge 1.1.1 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via merge methods of lodash to merge objects. • https://gist.github.com/mestrtee/b20c3aee8bea16e1863933778da6e4cb • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •