CVE-2024-5826 – Remote Code Execution via Prompt Injection in vanna-ai/vanna
https://notcve.org/view.php?id=CVE-2024-5826
In the latest version of vanna-ai/vanna, the `vanna.ask` function is vulnerable to remote code execution due to prompt injection. The root cause is the lack of a sandbox when executing LLM-generated code, allowing an attacker to manipulate the code executed by the `exec` function in `src/vanna/base/base.py`. This vulnerability can be exploited by an attacker to achieve remote code execution on the app backend server, potentially gaining full control of the server. • https://huntr.com/bounties/90620087-44ac-4e43-b659-3c5d30889369 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-3330 – Spotfire Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-3330
., In the case of the Web player (Business Author): Successful execution of this vulnerability via the Web Player, will result in the attacker being able to run arbitrary code as the account running the Web player process, In the case of Automation Services: Successful execution of this vulnerability will result in an attacker being able to run arbitrary code via Automation Services..This issue affects Spotfire Analyst: from 12.0.9 through 12.5.0, from 14.0 through 14.0.2; Spotfire Server: from 12.0.10 through 12.5.0, from 14.0 through 14.0.3, from 14.2.0 through 14.3.0; Spotfire for AWS Marketplace: from 14.0 before 14.3.0. • https://community.spotfire.com/articles/spotfire/spotfire-security-advisory-june-262024-spotfire-cve-2024-3330-r3435 • CWE-250: Execution with Unnecessary Privileges •
CVE-2024-35260 – Microsoft Dataverse Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-35260
An authenticated attacker can exploit an Untrusted Search Path vulnerability in Microsoft Dataverse to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35260 • CWE-426: Untrusted Search Path •
CVE-2024-36041
https://notcve.org/view.php?id=CVE-2024-36041
., use the session-restore feature to execute arbitrary code as the victim (on the next boot) via earlier use of the /tmp directory. • https://github.com/KDE/plasma-workspace/tags https://invent.kde.org/plasma/plasma-workspace https://kde.org/info/security/advisory-20240531-1.txt https://www.x.org/releases/X11R7.7/doc/libSM/xsmp.html • CWE-613: Insufficient Session Expiration •
CVE-2024-6164 – Filter & Grids < 2.8.33 - Unauthenticated LFI
https://notcve.org/view.php?id=CVE-2024-6164
This makes it possible for an unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files. ... This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. • https://wpscan.com/vulnerability/40bd880e-67a1-4180-b197-8dcadaa0ace4 • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •