CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45679
https://notcve.org/view.php?id=CVE-2024-45679
Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.3 allows a local attacker to execute arbitrary code by importing a specially crafted file into the product. • https://github.com/assimp/assimp/releases/tag/v5.4.3 https://jvn.jp/en/jp/JVN42386607 • CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-35515
https://notcve.org/view.php?id=CVE-2024-35515
Insecure deserialization in sqlitedict up to v2.1.0 allows attackers to execute arbitrary code. • https://github.com/piskvorky/sqlitedict https://wha13.github.io/2024/06/13/mfcve • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-40568
https://notcve.org/view.php?id=CVE-2024-40568
Buffer Overflow vulnerability in btstack mesh commit before v.864e2f2b6b7878c8fab3cf5ee84ae566e3380c58 allows a remote attacker to execute arbitrary code via the pb_adv_handle_tranaction_cont function in the src/mesh/pb_adv.c component • https://github.com/xiaobye-ctf/My-CVE/tree/main/BTstack/CVE-2024-40568 •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-44542
https://notcve.org/view.php?id=CVE-2024-44542
SQL Injection vulnerability in todesk v.1.1 allows a remote attacker to execute arbitrary code via the /todesk.com/news.html parameter. • https://github.com/alphandbelt/CVE-2024-44542/tree/main • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0CVE-2024-42503 – Authenticated Remote Command Execution (RCE) Vulnerability in the Lua Package Within the AOS Command Line Interface (CLI)
https://notcve.org/view.php?id=CVE-2024-42503
Authenticated command execution vulnerability exist in the ArubaOS command line interface (CLI). • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04709en_us&docLocale=en_US • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •