CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39385 – Premiere Pro | Use After Free (CWE-416)
https://notcve.org/view.php?id=CVE-2024-39385
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Premiere Pro. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://helpx.adobe.com/security/products/premiere_pro/apsb24-58.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39378 – Audition | Out-of-bounds Write (CWE-787)
https://notcve.org/view.php?id=CVE-2024-39378
Audition versions 24.4.1, 23.6.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Audition. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://helpx.adobe.com/security/products/audition/apsb24-54.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38018 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38018
Microsoft SharePoint Server Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. ... An attacker can leverage this vulnerability to execute code in the context of the service account. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38018 • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.8EPSS: 0%CPEs: 26EXPL: 0CVE-2024-38249 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-38249
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38249 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 16%CPEs: 30EXPL: 0CVE-2024-43461 – Microsoft Windows MSHTML Platform Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2024-43461
Windows MSHTML Platform Spoofing Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to execute code in the context of the current user. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43461 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •