CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-38087 – SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38087
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38087 • CWE-415: Double Free •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-38088 – SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38088
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38088 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-35264 – .NET and Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-35264
.NET and Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de .NET y Visual Studio A vulnerability was found in dotNET when parsing ASP.NET Core 8. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35264 https://access.redhat.com/security/cve/CVE-2024-35264 https://bugzilla.redhat.com/show_bug.cgi?id=2295321 • CWE-416: Use After Free •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38363 – Remote Code Execution (RCE) via Server Side Template Injection (SSTI) in Airbyte
https://notcve.org/view.php?id=CVE-2024-38363
Airbyte connection builder docker image is vulnerable to RCE via SSTI which allows an authenticated remote attacker to execute arbitrary code on the server as the web server user. ... La imagen acoplable del generador de conexiones Airbyte es vulnerable a RCE a través de SSTI, lo que permite a un atacante remoto autenticado ejecutar código arbitrario en el servidor como usuario del servidor web. • https://github.com/airbytehq/airbyte/security/advisories/GHSA-4j3c-fgvx-xgqq • CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-39865
https://notcve.org/view.php?id=CVE-2024-39865
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). ... This could allow an attacker with access to the backup encryption key to upload malicious files, that could potentially lead to remote code execution. • https://cert-portal.siemens.com/productcert/html/ssa-381581.html • CWE-434: Unrestricted Upload of File with Dangerous Type •