CVE-2024-39354 – Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-39354
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •
CVE-2024-39605 – Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-39605
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •
CVE-2024-47131 – Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-47131
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •
CVE-2024-10625 – WooCommerce Support Ticket System <= 17.7 - Unauthenticated Arbitrary File Deletion
https://notcve.org/view.php?id=CVE-2024-10625
This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). • https://codecanyon.net/item/woocommerce-support-ticket-system/17930050 https://www.wordfence.com/threat-intel/vulnerabilities/id/ddf1cecd-c630-498d-9aa0-3d0adeb73033?source=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2024-10626 – WooCommerce Support Ticket System <= 17.7 - Authenticated (Subscriber+) Arbitrary File Deletion
https://notcve.org/view.php?id=CVE-2024-10626
This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). • https://codecanyon.net/item/woocommerce-support-ticket-system/17930050 https://www.wordfence.com/threat-intel/vulnerabilities/id/eeb2c829-579f-41e2-ad5f-8e4fc125d980?source=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •