CVE-2024-24731 – Silicon Labs Gecko OS http_download Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-24731
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. ... An attacker can leverage this vulnerability to execute code in the context of the device. •
CVE-2024-23967 – Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23967
Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 chargers. ... An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23230 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 chargers. ... An attacker can leverage this vulnerability to execute code in the context of the device. • https://www.zerodayinitiative.com/advisories/ZDI-24-853 • CWE-121: Stack-based Buffer Overflow •
CVE-2024-39347 – Synology RT6600ax Improper Access Control Firewall Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-39347
This vulnerability allows remote attackers to bypass firewall rules and access the LAN interface on affected installations of Synology RT6600ax routers. ... An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. • https://www.synology.com/en-global/security/advisory/Synology_SA_23_16 • CWE-276: Incorrect Default Permissions •
CVE-2024-23959 – Autel MaxiCharger AC Elite Business C50 BLE AppChargingControl Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23959
Autel MaxiCharger AC Elite Business C50 BLE AppChargingControl Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 charging stations. ... An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23194 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 charging stations. ... An attacker can leverage this vulnerability to execute code in the context of the device. • https://www.zerodayinitiative.com/advisories/ZDI-24-851 • CWE-121: Stack-based Buffer Overflow •
CVE-2024-3112 – Quotes and Tips < 1.45 - Admin+ Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-3112
This makes it possible for authenticated attackers, with administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://wpscan.com/vulnerability/fa6f01d6-aa3b-4452-9c5f-49bb227fea9d • CWE-434: Unrestricted Upload of File with Dangerous Type •