CVE-2024-5948 – Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5948
Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. ... An attacker can leverage this vulnerability to execute code in the context of the device. • https://www.zerodayinitiative.com/advisories/ZDI-24-672 • CWE-121: Stack-based Buffer Overflow •
CVE-2024-30376 – Famatech Advanced IP Scanner Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-30376
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the application's use of Qt. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of an administrator. •
CVE-2024-38293
https://notcve.org/view.php?id=CVE-2024-38293
ALCASAR before 3.6.1 allows CSRF and remote code execution in activity.php. • https://adullact.net/frs/download.php/file/8930/CHANGELOG.md https://alcasar.net/download • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2024-5924 – Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-5924
This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Dropbox Desktop. ... An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. • https://www.zerodayinitiative.com/advisories/ZDI-24-677 • CWE-693: Protection Mechanism Failure •
CVE-2024-23145 – Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23145
A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-125: Out-of-bounds Read •