CVE-2024-45694 – D-Link WiFi router - Stack-based Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-45694
The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device. • https://www.twcert.org.tw/tw/cp-132-8080-7f494-1.html https://www.twcert.org.tw/en/cp-139-8081-3fb39-2.html • CWE-121: Stack-based Buffer Overflow •
CVE-2024-44623
https://notcve.org/view.php?id=CVE-2024-44623
An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the child_process.js function. • https://github.com/TuomoKu/SPX-GC https://github.com/TuomoKu/SPX-GC/blob/v.1.3.0/routes/routes-api.js#L39 https://github.com/merbinr/CVE-2024-44623 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-45105
https://notcve.org/view.php?id=CVE-2024-45105
An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code. • https://support.lenovo.com/us/en/product_security/LEN-165524 • CWE-825: Expired Pointer Dereference •
CVE-2024-4550
https://notcve.org/view.php?id=CVE-2024-4550
A potential buffer overflow vulnerability was reported in some Lenovo ThinkSystem and ThinkStation products that could allow a local attacker with elevated privileges to execute arbitrary code. • https://support.lenovo.com/us/en/product_security/LEN-165524 • CWE-121: Stack-based Buffer Overflow •
CVE-2024-3100
https://notcve.org/view.php?id=CVE-2024-3100
A potential buffer overflow vulnerability was reported in some Lenovo Notebook products that could allow a local attacker with elevated privileges to execute arbitrary code. • https://support.lenovo.com/us/en/product_security/LEN-165524 • CWE-121: Stack-based Buffer Overflow •