CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-13045 – Ashlar-Vellum Cobalt AR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-13045
30 Dec 2024 — Ashlar-Vellum Cobalt AR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. ... An attacker can leverage this vulnerability to execute code in the context of the ... • https://www.zerodayinitiative.com/advisories/ZDI-24-1729 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56264 – WordPress ACF City Selector plugin <= 1.14.0 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-56264
30 Dec 2024 — This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/wordpress/plugin/acf-city-selector/vulnerability/wordpress-acf-city-selector-plugin-1-14-0-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56249 – WordPress WPMasterToolKit plugin <= 1.13.1 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-56249
30 Dec 2024 — This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/wordpress/plugin/wpmastertoolkit/vulnerability/wordpress-wpmastertoolkit-plugin-1-13-1-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-13051 – Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-13051
30 Dec 2024 — Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. ... An attacker can leverage this vulnerability to execute code in the context o... • https://www.zerodayinitiative.com/advisories/ZDI-24-1735 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12752 – Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-12752
30 Dec 2024 — Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. ... An attacker can leverage this vulnerability to execute code in the context of the current process. An attacker ... • https://www.foxit.com/support/security-bulletins.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-13044 – Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-13044
30 Dec 2024 — Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. ... An attacker can leverage this vulnerability to execute code in the context of the current ... • https://www.zerodayinitiative.com/advisories/ZDI-24-1728 • CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-7074 – WSO2 API Manager SynapseArtifactUploaderAdmin Unrestricted File Upload Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7074
30 Dec 2024 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of WSO2 API Manager. ... An attacker can leverage this vulnerability to execute code in the context of the service account. •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-13049 – Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-13049
30 Dec 2024 — Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. ... An attacker can leverage this vulnerability to execute code in the context of the current proce... • https://www.zerodayinitiative.com/advisories/ZDI-24-1733 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12753 – Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-12753
30 Dec 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. An attacker can leverage this vulnerability to escalate privileges and execute... • https://www.foxit.com/support/security-bulletins.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-13046 – Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-13046
30 Dec 2024 — Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. ... An attacker can leverage this vulnerability to execute code in the context of the current ... • https://www.zerodayinitiative.com/advisories/ZDI-24-1730 • CWE-787: Out-of-bounds Write •