CVSS: 9.7EPSS: 0%CPEs: 1EXPL: 1CVE-2024-37770
https://notcve.org/view.php?id=CVE-2024-37770
10 Jul 2024 — 14Finger v1.1 was discovered to contain a remote command execution (RCE) vulnerability in the fingerprint function. This vulnerability allows attackers to execute arbitrary commands via a crafted payload. Se descubrió que 14Finger v1.1 contenía una vulnerabilidad de ejecución remota de comandos (RCE) en la función de huellas dactilares. • https://github.com/k3ppf0r/CVE-2024-37770 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35154 – IBM WebSphere Application Server code execution
https://notcve.org/view.php?id=CVE-2024-35154
09 Jul 2024 — IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has authorized access to the administrative console, to execute arbitrary code. Using specially crafted input, the attacker could exploit this vulnerability to execute arbitrary code on the system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/292641 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39883 – Heap-based Buffer Overflow in Delta Electronics CNCSoft-G2
https://notcve.org/view.php?id=CVE-2024-39883
09 Jul 2024 — If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-01 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39882 – Out-of-bounds Read in Delta Electronics CNCSoft-G2
https://notcve.org/view.php?id=CVE-2024-39882
09 Jul 2024 — If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-01 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39881 – Out-of-bounds Write in Delta Electronics CNCSoft-G2
https://notcve.org/view.php?id=CVE-2024-39881
09 Jul 2024 — If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-01 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39880 – Stack-based Buffer Overflow in Delta Electronics CNCSoft-G2
https://notcve.org/view.php?id=CVE-2024-39880
09 Jul 2024 — If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-01 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20785 – Adobe Indesign 2024 TIFF File Parsing Memory Corruption Remote Code Execution vulnerability
https://notcve.org/view.php?id=CVE-2024-20785
09 Jul 2024 — InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb24-48.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34123 – Adobe Premiere Pro arbitrary DLL loading lead to remote code execution
https://notcve.org/view.php?id=CVE-2024-34123
09 Jul 2024 — Premiere Pro versions 23.6.5, 24.4.1 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious file into the search path, which the application might execute instead of the legitimate file. • https://helpx.adobe.com/security/products/premiere_pro/apsb24-46.html • CWE-426: Untrusted Search Path •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38517 – Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Underflow
https://notcve.org/view.php?id=CVE-2024-38517
09 Jul 2024 — An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. • https://github.com/Tencent/rapidjson/pull/1261/commits/8269bc2bc289e9d343bae51cdf6d23ef0950e001 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 1CVE-2024-6222 – In Docker Desktop before v4.29.0 an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages
https://notcve.org/view.php?id=CVE-2024-6222
09 Jul 2024 — An attacker must first obtain the ability to execute high-privileged code within the container in order to exploit this vulnerability. The specific flaw exists within the the implemention of the Docker Extensions functionality. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the host. • https://github.com/Florian-Hoth/CVE-2024-6222 • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •