CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7532 – Debian Security Advisory 5741-1
https://notcve.org/view.php?id=CVE-2024-7532
06 Aug 2024 — Out of bounds memory access in ANGLE in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42393 – Unauthenticated Stack-Based Buffer Overflow Remote Command Execution (RCE) in the Soft AP Daemon Service Accessed by the PAPI Protocol
https://notcve.org/view.php?id=CVE-2024-42393
06 Aug 2024 — There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42394 – Unauthenticated Stack-Based Buffer Overflow Remote Command Execution (RCE) in the Soft AP Daemon Service Accessed by the PAPI Protocol
https://notcve.org/view.php?id=CVE-2024-42394
06 Aug 2024 — There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42395 – Unauthenticated Stack-Based Buffer Overflow Remote Command Execution (RCE) in the AP Certificate Management Service Accessed by the PAPI Protocol
https://notcve.org/view.php?id=CVE-2024-42395
06 Aug 2024 — There is a vulnerability in the AP Certificate Management Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US • CWE-295: Improper Certificate Validation •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7502 – Delta Electronics DIAScreen Stack-Based Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-7502
06 Aug 2024 — A crafted DPA file could force Delta Electronics DIAScreen to overflow a stack-based buffer, which could allow an attacker to execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-219-01 • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-7530 – Gentoo Linux Security Advisory 202412-04
https://notcve.org/view.php?id=CVE-2024-7530
06 Aug 2024 — If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. • https://bugzilla.mozilla.org/show_bug.cgi?id=1904011 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2024-7531 – Debian Security Advisory 5740-1
https://notcve.org/view.php?id=CVE-2024-7531
06 Aug 2024 — If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. • https://bugzilla.mozilla.org/show_bug.cgi?id=1905691 •
CVSS: 8.1EPSS: 0%CPEs: 34EXPL: 0CVE-2024-7529 – mozilla: Document content could partially obscure security prompts
https://notcve.org/view.php?id=CVE-2024-7529
06 Aug 2024 — If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. ... An attacker could potentially exploit this issue to execute arbitrary code. • https://bugzilla.mozilla.org/show_bug.cgi?id=1903187 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 10.0EPSS: 0%CPEs: 34EXPL: 0CVE-2024-7527 – mozilla: Use-after-free in JavaScript garbage collection
https://notcve.org/view.php?id=CVE-2024-7527
06 Aug 2024 — If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. • https://bugzilla.mozilla.org/show_bug.cgi?id=1871303 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 33EXPL: 0CVE-2024-7526 – mozilla: Uninitialized memory used by WebGL
https://notcve.org/view.php?id=CVE-2024-7526
06 Aug 2024 — If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. • https://bugzilla.mozilla.org/show_bug.cgi?id=1910306 • CWE-908: Use of Uninitialized Resource •