CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7542 – oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-7542
05 Aug 2024 — An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrar... • https://www.zerodayinitiative.com/advisories/ZDI-24-1082 • CWE-457: Use of Uninitialized Variable •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6315 – Blox Page Builder <= 1.0.65 - Authenticated (Contributor+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-6315
05 Aug 2024 — This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://plugins.trac.wordpress.org/browser/blox-page-builder/trunk/inc_php/unitecreator_assets.class.php?rev=1866874#L979 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7543 – oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7543
05 Aug 2024 — This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. ... An attacker can leverage this vulnerability to execute code in the context of the service account. An attacker c... • https://www.zerodayinitiative.com/advisories/ZDI-24-1083 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7510 – Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7510
05 Aug 2024 — Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. ... An attacker can leverage this vulnerability to execute code in the context of the current process. ... • https://www.zerodayinitiative.com/advisories/ZDI-24-1056 • CWE-416: Use After Free •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7541 – oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-7541
05 Aug 2024 — An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrar... • https://www.zerodayinitiative.com/advisories/ZDI-24-1081 • CWE-457: Use of Uninitialized Variable •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7537 – oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-7537
05 Aug 2024 — An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-1077 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7508 – Trimble SketchUp Viewer SKP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7508
05 Aug 2024 — Trimble SketchUp Viewer SKP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. ... An attacker can leverage this vulnerability to execute code in the... • https://www.zerodayinitiative.com/advisories/ZDI-24-1054 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7538 – oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7538
05 Aug 2024 — This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. ... An attacker can leverage this vulnerability to execute code in the context of root. An attacker can leverage thi... • https://www.zerodayinitiative.com/advisories/ZDI-24-1078 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-40498
https://notcve.org/view.php?id=CVE-2024-40498
05 Aug 2024 — SQL Injection vulnerability in PuneethReddyHC Online Shopping sysstem advanced v.1.0 allows an attacker to execute arbitrary code via the register.php • https://github.com/Dirac231/CVE-2024-40498 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7509 – Trimble SketchUp SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7509
05 Aug 2024 — Trimble SketchUp SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. ... An attacker can leverage this vulnerability to execute code in the context of the curr... • https://www.zerodayinitiative.com/advisories/ZDI-24-1055 • CWE-121: Stack-based Buffer Overflow •