CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27321
https://notcve.org/view.php?id=CVE-2024-27321
An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its multilabel classification tasks handle provided CSV files. • https://hiddenlayer.com/sai-security-advisory/2024-09-autolabel • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27320
https://notcve.org/view.php?id=CVE-2024-27320
An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its classification tasks handle provided CSV files. • https://hiddenlayer.com/sai-security-advisory/2024-09-autolabel • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31336
https://notcve.org/view.php?id=CVE-2024-31336
In PVRSRVBridgeRGXKickTA3D2 of server_rgxta3d_bridge.c, there is a possible arbitrary code execution due to improper input validation. • https://source.android.com/security/bulletin/2024-09-01 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-44570
https://notcve.org/view.php?id=CVE-2024-44570
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the getParams function in phpinf.php. • http://system-on-chip.com https://www.relyum.com/web/support/vulnerability-report • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-44466
https://notcve.org/view.php?id=CVE-2024-44466
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter iface. • https://github.com/CurryRaid/iot_vul/tree/main/comfast • CWE-94: Improper Control of Generation of Code ('Code Injection') •