CVE-2024-23155 – Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23155
A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-122: Heap-based Buffer Overflow •
CVE-2024-6146 – Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6146
Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. ... An attacker can leverage this vulnerability to execute code in the context of the HTTP server. ... This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. ... An attacker can leverage this vulnerability to execute code in the context of the HTTP server. • https://www.zerodayinitiative.com/advisories/ZDI-24-809 • CWE-121: Stack-based Buffer Overflow •
CVE-2024-6142 – Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6142
Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. ... An attacker can leverage this vulnerability to execute code in the context of the HTTP server. ... This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. ... An attacker can leverage this vulnerability to execute code in the context of the HTTP server. • https://www.zerodayinitiative.com/advisories/ZDI-24-805 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-37821
https://notcve.org/view.php?id=CVE-2024-37821
An arbitrary file upload vulnerability in the Upload Template function of Dolibarr ERP CRM up to v19.0.1 allows attackers to execute arbitrary code via uploading a crafted .SQL file. • http://dolibarr.com https://github.com/alexbsec/CVEs/blob/master/2024/CVE-2024-37821.md • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-6143 – Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6143
Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. ... An attacker can leverage this vulnerability to execute code in the context of the HTTP server. ... This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. ... An attacker can leverage this vulnerability to execute code in the context of the HTTP server. • https://www.zerodayinitiative.com/advisories/ZDI-24-806 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •