CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-50804
https://notcve.org/view.php?id=CVE-2024-50804
Insecure Permissions vulnerability in Micro-star International MSI Center Pro 2.1.37.0 allows a local attacker to execute arbitrary code via the Device_DeviceID.dat.bak file within the C:\ProgramData\MSI\One Dragon Center\Data folder • https://g3tsyst3m.github.io/cve/msi/Arbitrary-Write-Privilege-Escalation-CVE-2024-50804 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-43091 – Gnome-maps: gnome maps is vulnerable to a code injection attack (similar to xss) via its service.json
https://notcve.org/view.php?id=CVE-2023-43091
If the configuration file is malicious, it may execute arbitrary code. • https://bugzilla.redhat.com/show_bug.cgi?id=2239091 https://gitlab.gnome.org/GNOME/gnome-maps/-/commit/d26cd774d524404ef7784e6808f551de83de4bea https://gitlab.gnome.org/GNOME/gnome-maps/-/issues/588 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-52416 – WordPress Debug Tool plugin <= 2.2 - Remote Code Execution vulnerability
https://notcve.org/view.php?id=CVE-2024-52416
Missing Authorization vulnerability in Eugen Bobrowski Debug Tool allows Upload a Web Shell to a Web Server.This issue affects Debug Tool: from n/a through 2.2. • https://patchstack.com/database/vulnerability/debug-tool/wordpress-debug-tool-plugin-2-2-remote-code-execution-vulnerability? • CWE-862: Missing Authorization •
CVSS: 8.1EPSS: 0%CPEs: 399EXPL: 0CVE-2022-20649 – Cisco Redundancy Configuration Manager Debug Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-20649
A vulnerability in Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform remote code execution on the application with root-level privileges in the context of the configured container. This vulnerability exists because the debug mode is incorrectly enabled for specific services. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rcm-vuls-7cS3Nuq https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tetr-cmd-injc-skrwGO https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-xss-FmbPu2pe • CWE-489: Active Debug Code •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9849 – 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin <= 4.6 - Authenticated (Author+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-9849
This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. ... This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://plugins.trac.wordpress.org/browser/real3d-flipbook-lite/tags/4.6/includes/plugin-admin.php#L77 https://www.wordfence.com/threat-intel/vulnerabilities/id/1f99b366-1a94-41ed-813a-bb13893604d0?source=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •