CVE-2024-23158 – Autodesk AutoCAD IGES File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23158
A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-416: Use After Free •
CVE-2024-34833 – Payroll Management System 1.0 Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-34833
Successful exploitation of this vulnerability results in the ability to execute arbitrary code as the user running the web server. ... Payroll Management System version 1.0 suffers from a remote code execution vulnerability. • https://github.com/ShellUnease/CVE-2024-34833-payroll-management-system-rce https://github.com/ShellUnease/payroll-management-system-rce https://packetstormsecurity.com/files/179106/Payroll-Management-System-1.0-Remote-Code-Execution.html • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-36580
https://notcve.org/view.php?id=CVE-2024-36580
A Prototype Pollution issue in cdr0 sg 1.0.10 allows an attacker to execute arbitrary code. • https://gist.github.com/mestrtee/a75d75eca4622ad08f7cfa903a6cc9c3 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVE-2023-37058
https://notcve.org/view.php?id=CVE-2023-37058
Ltd Jlink AX1800 v.1.0 allows a remote attacker to escalate privileges via a crafted command. • http://jlink.com https://github.com/ri5c/Jlink-Router-RCE •
CVE-2024-36574
https://notcve.org/view.php?id=CVE-2024-36574
A Prototype Pollution issue in flatten-json 1.0.1 allows an attacker to execute arbitrary code via module.exports.unflattenJSON (flatten-json/index.js:42) • https://gist.github.com/mestrtee/d5a0c93459599f77557b5bbe78b57325 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •