CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-5100 – KL-001-2025-005: Mobile Dynamix PrinterShare Mobile Print Double-Free Memory Write
https://notcve.org/view.php?id=CVE-2025-5100
23 May 2025 — A double-free condition occurs during the cleanup of temporary image files, which can be exploited to achieve memory corruption and potentially arbitrary code execution. • https://korelogic.com/Resources/Advisories/KL-001-2025-005.txt • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-5099 – KL-001-2025-004: Mobile Dynamix PrinterShare Mobile Print Out-of-bounds Write
https://notcve.org/view.php?id=CVE-2025-5099
23 May 2025 — An Out of Bounds Write occurs when the native library attempts PDF rendering, which can be exploited to achieve memory corruption and potentially arbitrary code execution. • https://korelogic.com/Resources/Advisories/KL-001-2025-004.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-51360
https://notcve.org/view.php?id=CVE-2024-51360
23 May 2025 — An issue in Hospital Management System In PHP V4.0 allows a remote attacker to execute arbitrary code via the hms/doctor/edit-profile.php file • https://github.com/Anil0x/CVE/blob/main/Session%20Hijacking.pdf • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-13952 – Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-13952
22 May 2025 — Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential attacker if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A0021&LanguageCode=en&DocumentPartId=pdf&Action=Launch • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-13929 – Authenticated Servlet Command Injection
https://notcve.org/view.php?id=CVE-2024-13929
22 May 2025 — Servlet injection vulnerabilities in ASPECT allow remote code execution if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. Servlet injection vulnerabilities in ASPECT allow remote code execution if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A0021&LanguageCode=en&DocumentPartId=pdf&Action=Launch • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-13928 – Authenticated SQL Injection
https://notcve.org/view.php?id=CVE-2024-13928
22 May 2025 — SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database repositories if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database repositories if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series:... • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A0021&LanguageCode=en&DocumentPartId=pdf&Action=Launch • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.9EPSS: 0%CPEs: 3EXPL: 0CVE-2025-30172 – Admin Authorized Remote Code Execution
https://notcve.org/view.php?id=CVE-2025-30172
22 May 2025 — Remote Code Execution vulnerabilities are present in ASPECT if session administrator credentials become compromised This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. Remote Code Execution vulnerabilities are present in ASPECT if session administrator credentials become compromised This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A0021&LanguageCode=en&DocumentPartId=pdf&Action=Launch • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-9639 – Authenticated Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-9639
22 May 2025 — Remote Code Execution vulnerabilities are present in ASPECT if session administra-tor credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. Remote Code Execution vulnerabilities are present in ASPECT if session administra-tor credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A0021&LanguageCode=en&DocumentPartId=pdf&Action=Launch • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2272 – Privilege Escalation and Arbitrary code execution in F1E Endpoint
https://notcve.org/view.php?id=CVE-2025-2272
22 May 2025 — Uncontrolled Search Path Element vulnerability in Forcepoint FIE Endpoint allows Privilege Escalation, Code Injection, Hijacking a privileged process.This issue affects FIE Endpoint: before 25.05. • https://support.forcepoint.com/s/article/Security-Advisory-Privilege-Escalation-and-Arbitrary-code-execution-in-F1E-Endpoint • CWE-427: Uncontrolled Search Path Element •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-25010 – Ericsson RAN Compute and Site Controller 6610 - Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2024-25010
22 May 2025 — Ericsson RAN Compute and Site Controller 6610 contains in certain configurations a high severity vulnerability where improper input validation could be exploited leading to arbitrary code execution. Ericsson RAN Compute and Site Controller 6610 contains in certain configurations a high severity vulnerability where improper input validation could be exploited leading to arbitrary code execution. • https://www.ericsson.com/en/about-us/security/psirt/CVE-2024-25010 • CWE-20: Improper Input Validation •