CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38172 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38172
13 Aug 2024 — Microsoft Excel Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38172 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0CVE-2024-38161 – Windows Mobile Broadband Driver Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38161
13 Aug 2024 — Windows Mobile Broadband Driver Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38161 • CWE-122: Heap-based Buffer Overflow •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38160 – Windows Network Virtualization Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38160
13 Aug 2024 — Windows Network Virtualization Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38160 • CWE-122: Heap-based Buffer Overflow •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38159 – Windows Network Virtualization Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38159
13 Aug 2024 — Windows Network Virtualization Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38159 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-6618 – Path Traversal in Ocean Data Systems Dream Report
https://notcve.org/view.php?id=CVE-2024-6618
13 Aug 2024 — In Ocean Data Systems Dream Report, a path traversal vulnerability could allow an attacker to perform remote code execution through the injection of a malicious dynamic-link library (DLL). • https://www.cisa.gov/news-events/ics-advisories/icsa-24-226-08 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2024-3913 – Phoenix Contact: Start sequence allows attack during the boot process
https://notcve.org/view.php?id=CVE-2024-3913
13 Aug 2024 — An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup. ... An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. • https://cert.vde.com/en/advisories/VDE-2024-022 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 9.0EPSS: 0%CPEs: 50EXPL: 0CVE-2024-41976
https://notcve.org/view.php?id=CVE-2024-41976
13 Aug 2024 — This could allow an authenticated remote attacker to execute arbitrary code on the device. • https://cert-portal.siemens.com/productcert/html/ssa-087301.html • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-41623
https://notcve.org/view.php?id=CVE-2024-41623
13 Aug 2024 — An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to execute arbitrary code via a crafted payload • http://d3d.com • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7448 – Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7448
13 Aug 2024 — Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. ... An attacker can leverage this vulnerability to execute code in the context of the current... • https://docs.magnetforensics.com/docs/axiom/release_notes.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38163 – Windows Update Stack Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-38163
13 Aug 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the WinREUpdateInstaller_2401B_amd64 installer. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38163 • CWE-284: Improper Access Control •