CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39384 – Premiere Pro | Out-of-bounds Write (CWE-787)
https://notcve.org/view.php?id=CVE-2024-39384
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Premiere Pro. • https://helpx.adobe.com/security/products/premiere_pro/apsb24-58.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43760 – Photoshop Desktop | Out-of-bounds Write (CWE-787)
https://notcve.org/view.php?id=CVE-2024-43760
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. • https://helpx.adobe.com/security/products/photoshop/apsb24-72.html • CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7626 – WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) <= 1.6.9 - Improper Path Validation to Authenticated (Subscriber+) Arbitrary File Move and Read
https://notcve.org/view.php?id=CVE-2024-7626
This makes it possible for authenticated attackers, with subscriber-level access and above, to move arbitrary files on the server, which can easily lead to remote code execution when the right file is moved (such as wp-config.php). • https://www.wordfence.com/threat-intel/vulnerabilities/id/3c98bb53-9f7e-4ab3-9676-e3dbfb4a0519?source=cve https://plugins.trac.wordpress.org/browser/delicious-recipes/tags/1.6.7/src/dashboard/class-delicious-recipes-form-handler.php#L260 https://plugins.trac.wordpress.org/browser/delicious-recipes/tags/1.6.7/src/dashboard/class-delicious-recipes-form-handler.php#L355 https://plugins.trac.wordpress.org/changeset/3148996/delicious-recipes/trunk/src/dashboard/class-delicious-recipes-form-handler.php • CWE-73: External Control of File Name or Path •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-44872
https://notcve.org/view.php?id=CVE-2024-44872
A reflected cross-site scripting (XSS) vulnerability in moziloCMS v3.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. • https://github.com/moziloDasEinsteigerCMS/mozilo3.0 https://github.com/sec-fortress/Exploits/tree/main/CVE-2024-44872 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 26EXPL: 0CVE-2024-38249 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-38249
An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38249 • CWE-416: Use After Free •