CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7541 – oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-7541
05 Aug 2024 — An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code<... • https://www.zerodayinitiative.com/advisories/ZDI-24-1081 • CWE-457: Use of Uninitialized Variable •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7537 – oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-7537
05 Aug 2024 — An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-1077 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7508 – Trimble SketchUp Viewer SKP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7508
05 Aug 2024 — Trimble SketchUp Viewer SKP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. ... An attacker can leverage this vulnerability to execute code in the contex... • https://www.zerodayinitiative.com/advisories/ZDI-24-1054 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7538 – oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7538
05 Aug 2024 — oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. ... An attacker can leverage this vulnerability to execute code in the context of root. An attacker can leverage this vulnerability to execute code in the... • https://www.zerodayinitiative.com/advisories/ZDI-24-1078 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-40498
https://notcve.org/view.php?id=CVE-2024-40498
05 Aug 2024 — SQL Injection vulnerability in PuneethReddyHC Online Shopping sysstem advanced v.1.0 allows an attacker to execute arbitrary code via the register.php • https://github.com/Dirac231/CVE-2024-40498 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7509 – Trimble SketchUp SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7509
05 Aug 2024 — Trimble SketchUp SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. ... An attacker can leverage this vulnerability to execute code in the context of the current pro... • https://www.zerodayinitiative.com/advisories/ZDI-24-1055 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7484 – CRM Perks Forms <= 1.1.3 - Authenticated (Administrator+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-7484
05 Aug 2024 — This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://plugins.trac.wordpress.org/browser/crm-perks-forms/trunk/includes/front-form.php?rev=3003885#L3271 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7546 – oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7546
05 Aug 2024 — This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. ... An attacker can leverage this vulnerability to execute code in the context of the service account. An attacker can leverage th... • https://www.zerodayinitiative.com/advisories/ZDI-24-1086 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7544 – oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7544
05 Aug 2024 — This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. ... An attacker can leverage this vulnerability to execute code in the context of the service account. An attacker can leverage th... • https://www.zerodayinitiative.com/advisories/ZDI-24-1084 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7539 – oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7539
05 Aug 2024 — oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. ... An attacker can leverage this vulnerability to execute code in the context of root. An attacker can leverage this vulnerability to execute code in the context of... • https://www.zerodayinitiative.com/advisories/ZDI-24-1079 • CWE-121: Stack-based Buffer Overflow •