CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-39011
https://notcve.org/view.php?id=CVE-2024-39011
30 Jul 2024 — Prototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via the function mergeObjects. • https://gist.github.com/mestrtee/693ef1c8b0a5ff1ae19f253381711f3e • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41183 – Trend Micro VPN Proxy One Pro Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-41183
30 Jul 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DEP Manager. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://helpcenter.trendmicro.com/en-us/article/tmka-14460 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-40777 – Apple macOS ImageIO PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-40777
29 Jul 2024 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. ... An attacker can leverage this vulnerability to execute code in the context of the current process. macOS Sonoma 14.6 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, out of bounds access, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT214117 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-27826 – Apple Security Advisory 07-29-2024-6
https://notcve.org/view.php?id=CVE-2024-27826
29 Jul 2024 — An app may be able to execute arbitrary code with kernel privileges. visionOS 1.3 addresses bypass, information leakage, integer overflow, out of bounds access, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT214101 • CWE-269: Improper Privilege Management •
CVSS: 6.5EPSS: 0%CPEs: 32EXPL: 0CVE-2024-40776 – webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-40776
29 Jul 2024 — A use-after-free may lead to Remote Code Execution. • https://support.apple.com/en-us/HT214121 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-40784 – Apple macOS ImageIO KTX Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-40784
29 Jul 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current user. macOS Sonoma 14.6 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, out of bounds access, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT214117 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27877 – Apple macOS AppleVADriver Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-27877
29 Jul 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current user. macOS Sonoma 14.6 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, out of bounds access, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT214120 •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2024-40789 – Apple WebKit WebCodecs VideoFrame Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-40789
29 Jul 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple WebKit. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://support.apple.com/en-us/HT214121 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27878 – Apple Security Advisory 07-29-2024-4
https://notcve.org/view.php?id=CVE-2024-27878
29 Jul 2024 — An app with root privileges may be able to execute arbitrary code with kernel privileges. macOS Sonoma 14.6 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, out of bounds access, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT214119 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7252 – Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7252
29 Jul 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-957 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •