CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39389 – Adobe Indesign PDF File Parsing Stack Based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-39389
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39394 – Adobe Indesign 2024 PDF File Parsing Out Of Bound Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-39394
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39400 – DOM XSS through integrations can impact other admins
https://notcve.org/view.php?id=CVE-2024-39400
This vulnerability could allow an admin attacker to inject and execute arbitrary JavaScript code within the context of the user's browser session. • https://helpx.adobe.com/security/products/magento/apsb24-61.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-20082
https://notcve.org/view.php?id=CVE-2024-20082
This could lead to remote code execution with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/August-2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37373
https://notcve.org/view.php?id=CVE-2024-37373
Improper input validation in the Central Filestore in Ivanti Avalanche 6.3.1 allows a remote authenticated attacker with admin rights to achieve RCE. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-4-CVE-2024-38652-CVE-2024-38653-CVE-2024-36136-CVE-2024-37399-CVE-2024-37373 • CWE-20: Improper Input Validation •