CVE-2024-23937 – Silicon Labs Gecko OS Debug Interface Format String Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-23937
An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the device. •
CVE-2024-23960 – Alpine Halo9 Improper Verification of Cryptographic Signature Vulnerability
https://notcve.org/view.php?id=CVE-2024-23960
An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-23102 This vulnerability allows physically present attackers to bypass signature validation mechanism on affected installations of Alpine Halo9 devices. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-845 • CWE-347: Improper Verification of Cryptographic Signature •
CVE-2024-23934 – Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23934
Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. ... An attacker can leverage this vulnerability to execute code in the context of the device. . ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. ... An attacker can leverage this vulnerability to execute code in the context of the device. • https://www.sony.com/electronics/support/mobile-cd-players-digital-media-players-xav-series/xav-ax5500/software/00274156 https://www.zerodayinitiative.com/advisories/ZDI-24-875 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVE-2024-23938 – Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23938
Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. ... An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23184 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. ... An attacker can leverage this vulnerability to execute code in the context of the device. • https://community.silabs.com/a45Vm0000000Atp https://www.zerodayinitiative.com/advisories/ZDI-24-868 • CWE-121: Stack-based Buffer Overflow •
CVE-2024-6247 – Wyze Cam v3 Wi-Fi SSID OS Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6247
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. ... An attacker can leverage this vulnerability to execute code in the context of root. •