CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-41361
https://notcve.org/view.php?id=CVE-2024-41361
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\manageFilesFolders.php • https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2398 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-41366
https://notcve.org/view.php?id=CVE-2024-41366
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\userScripts.php • https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2399 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-44779 – vTiger CRM 7.4.0 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2024-44779
A reflected cross-site scripting (XSS) vulnerability in the viewname parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. vTiger CRM version 7.4.0 suffers from multiple reflective cross site scripting vulnerabilities. • http://vtiger.com https://packetstormsecurity.com/files/180462/vTiger-CRM-7.4.0-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-41368
https://notcve.org/view.php?id=CVE-2024-41368
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\inc.setWlanIpMail.php • https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2396 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8255 – Path Traversal in Ocean Data Systems Dream Report
https://notcve.org/view.php?id=CVE-2024-8255
Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote code execution through a deserialization of untrusted data vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DTN Soft. ... An attacker can leverage this vulnerability to execute code in the context of an administrator. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-242-02 • CWE-502: Deserialization of Untrusted Data •