CVSS: 9.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-11633
https://notcve.org/view.php?id=CVE-2024-11633
Argument injection in Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution • https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54008 – Authenticated Remote Code Execution (RCE) in HPE Aruba Networking AirWave Management Platform
https://notcve.org/view.php?id=CVE-2024-54008
An authenticated Remote Code Execution (RCE) vulnerability exists in the AirWave CLI. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04765en_us&docLocale=en_US • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-53247 – Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway app
https://notcve.org/view.php?id=CVE-2024-53247
In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7, and versions below 3.2.461 and 3.7.13 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could perform a Remote Code Execution (RCE). • https://advisory.splunk.com/advisories/SVD-2024-1205 • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.1EPSS: 0%CPEs: 12EXPL: 0CVE-2024-49128 – Windows Remote Desktop Services Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-49128
Windows Remote Desktop Services Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49128 • CWE-416: Use After Free CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 8.1EPSS: 0%CPEs: 26EXPL: 0CVE-2024-49127 – Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-49127
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49127 • CWE-416: Use After Free •