CVE-2024-23150 – Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23150
A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-787: Out-of-bounds Write •
CVE-2024-23158 – Autodesk AutoCAD IGES File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23158
A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-416: Use After Free •
CVE-2024-34833 – Payroll Management System 1.0 Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-34833
Successful exploitation of this vulnerability results in the ability to execute arbitrary code as the user running the web server. ... Payroll Management System version 1.0 suffers from a remote code execution vulnerability. • https://github.com/ShellUnease/CVE-2024-34833-payroll-management-system-rce https://github.com/ShellUnease/payroll-management-system-rce https://packetstormsecurity.com/files/179106/Payroll-Management-System-1.0-Remote-Code-Execution.html • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-36580
https://notcve.org/view.php?id=CVE-2024-36580
A Prototype Pollution issue in cdr0 sg 1.0.10 allows an attacker to execute arbitrary code. • https://gist.github.com/mestrtee/a75d75eca4622ad08f7cfa903a6cc9c3 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVE-2023-37058
https://notcve.org/view.php?id=CVE-2023-37058
Insecure Permissions vulnerability in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to escalate privileges via a crafted command. Vulnerabilidad de permisos inseguros en JLINK Unionman Technology Co. Ltd. Jlink AX1800 v.1.0 permite a un atacante remoto escalar privilegios mediante un comando manipulado. • http://jlink.com https://github.com/ri5c/Jlink-Router-RCE •