CVSS: 7.6EPSS: 0%CPEs: -EXPL: 0CVE-2024-36581
https://notcve.org/view.php?id=CVE-2024-36581
A Prototype Pollution issue in abw badger-database 1.2.1 allows an attacker to execute arbitrary code via dist/badger-database.esm. • https://gist.github.com/mestrtee/f6b2ed1b3b4bc0df994c7455fc6110bd • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-36583
https://notcve.org/view.php?id=CVE-2024-36583
A Prototype Pollution issue in byondreal accessor <= 1.0.0 allows an attacker to execute arbitrary code via @byondreal/accessor/index. • https://gist.github.com/mestrtee/97bc2fbfbcbde3a54d5536c9adeee34c • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-36575
https://notcve.org/view.php?id=CVE-2024-36575
A Prototype Pollution issue in getsetprop 1.1.0 allows an attacker to execute arbitrary code via global.accessor. • https://gist.github.com/mestrtee/0d830798f20839d634278d7af0155f9e • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-37057
https://notcve.org/view.php?id=CVE-2023-37057
Ltd Jlink AX1800 v.1.0 allows a remote attacker to execute arbitrary code via the router's authentication mechanism. • http://jlink.com http://www.unionman.com.cn/en/contact.html https://github.com/ri5c/Jlink-Router-RCE https://jlink-global.com • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 1CVE-2024-38395
https://notcve.org/view.php?id=CVE-2024-38395
In iTerm2 before 3.5.2, the "Terminal may report window title" setting is not honored, and thus remote code execution might occur but "is not trivially exploitable." • https://github.com/vin01/poc-cve-2024-38396 http://www.openwall.com/lists/oss-security/2024/06/17/1 https://gitlab.com/gnachman/iterm2/-/commit/f1e89f78dd72dcac3ba66d3d6f93db3f7f649219 https://gitlab.com/gnachman/iterm2/-/tags/v3.5.2 https://iterm2.com/downloads.html https://www.openwall.com/lists/oss-security/2024/06/15/1 • CWE-94: Improper Control of Generation of Code ('Code Injection') •