CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-44677
https://notcve.org/view.php?id=CVE-2024-44677
eladmin v2.7 and before is vulnerable to Server-Side Request Forgery (SSRF) which allows an attacker to execute arbitrary code via the DatabaseController.java component. • https://github.com/jcxj/jcxj/blob/master/source/_posts/eladmin-%E5%A4%8D%E7%8E%B0.md https://github.com/elunez/eladmin • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7626 – WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) <= 1.6.9 - Improper Path Validation to Authenticated (Subscriber+) Arbitrary File Move and Read
https://notcve.org/view.php?id=CVE-2024-7626
This makes it possible for authenticated attackers, with subscriber-level access and above, to move arbitrary files on the server, which can easily lead to remote code execution when the right file is moved (such as wp-config.php). • https://www.wordfence.com/threat-intel/vulnerabilities/id/3c98bb53-9f7e-4ab3-9676-e3dbfb4a0519?source=cve https://plugins.trac.wordpress.org/browser/delicious-recipes/tags/1.6.7/src/dashboard/class-delicious-recipes-form-handler.php#L260 https://plugins.trac.wordpress.org/browser/delicious-recipes/tags/1.6.7/src/dashboard/class-delicious-recipes-form-handler.php#L355 https://plugins.trac.wordpress.org/changeset/3148996/delicious-recipes/trunk/src/dashboard/class-delicious-recipes-form-handler.php • CWE-73: External Control of File Name or Path •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43760 – Photoshop Desktop | Out-of-bounds Write (CWE-787)
https://notcve.org/view.php?id=CVE-2024-43760
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://helpx.adobe.com/security/products/photoshop/apsb24-72.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39377 – Media Encoder | Out-of-bounds Write (CWE-787)
https://notcve.org/view.php?id=CVE-2024-39377
Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Media Encoder. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://helpx.adobe.com/security/products/media-encoder/apsb24-53.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39384 – Premiere Pro | Out-of-bounds Write (CWE-787)
https://notcve.org/view.php?id=CVE-2024-39384
Premiere Pro versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Premiere Pro. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://helpx.adobe.com/security/products/premiere_pro/apsb24-58.html • CWE-787: Out-of-bounds Write •