CVE-2024-52770
https://notcve.org/view.php?id=CVE-2024-52770
An arbitrary file upload vulnerability in the component /admin/file_manage_control of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file. • https://co-a1natas.feishu.cn/docx/Zsd9dnGUvoBW6tx0G5fcVx6vnBb https://github.com/DedeBIZ/DedeV6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-11477 – 7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-11477
7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. ... An attacker can leverage this vulnerability to execute code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.zerodayinitiative.com/advisories/ZDI-24-1532 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVE-2024-44307
https://notcve.org/view.php?id=CVE-2024-44307
An app may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/120911 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-44306
https://notcve.org/view.php?id=CVE-2024-44306
An app may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/120911 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2018-9433
https://notcve.org/view.php?id=CVE-2018-9433
This could lead to remote code execution with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-07-01 • CWE-116: Improper Encoding or Escaping of Output •