CVE-2024-43463 – Microsoft Office Visio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43463
10 Sep 2024 — Microsoft Office Visio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43463 • CWE-416: Use After Free
CVE-2024-38249 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-38249
10 Sep 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38249 • CWE-416: Use After Free
CVE-2024-26191 – Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-26191
10 Sep 2024 — Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26191 • CWE-122: Heap-based Buffer Overflow
CVE-2024-26186 – Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-26186
10 Sep 2024 — Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26186 • CWE-416: Use After Free
CVE-2024-37339 – Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-37339
10 Sep 2024 — Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37339 • CWE-822: Untrusted Pointer Dereference
CVE-2024-37340 – Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-37340
10 Sep 2024 — Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37340 • CWE-822: Untrusted Pointer Dereference
CVE-2024-37335 – Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-37335
10 Sep 2024 — Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37335 • CWE-122: Heap-based Buffer Overflow
CVE-2024-37338 – Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-37338
10 Sep 2024 — Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37338 • CWE-125: Out-of-bounds Read
CVE-2024-45595 – D-Tale allows Remote Code Execution through the Query input on Chart Builder
https://notcve.org/view.php?id=CVE-2024-45595
10 Sep 2024 — Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. • https://github.com/man-group/dtale#custom-filter • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-43799 – send vulnerable to template injection that can lead to XSS
https://notcve.org/view.php?id=CVE-2024-43799
10 Sep 2024 — Send passes untrusted user input to SendStream.redirect() which executes untrusted code. ... This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function. • https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')