CVE-2024-37001 – Autodesk AutoCAD 3DM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-37001
A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-122: Heap-based Buffer Overflow •
CVE-2024-23142 – Autodesk AutoCAD MODEL File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23142
This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-416: Use After Free •
CVE-2024-37004 – Autodesk AutoCAD SLDPRT File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-37004
This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-416: Use After Free •
CVE-2024-1577 – Remote Code Execution in MegaBIP
https://notcve.org/view.php?id=CVE-2024-1577
Remote Code Execution vulnerability in MegaBIP software allows to execute arbitrary code on the server without requiring authentication by saving crafted by the attacker PHP code to one of the website files. • https://cert.pl/en/posts/2024/06/CVE-2024-1576 https://cert.pl/posts/2024/06/CVE-2024-1576 https://megabip.pl https://www.gov.pl/web/cyfryzacja/rekomendacja-pelnomocnika-rzadu-ds-cyberbezpieczenstwa-dotyczaca-biuletynow-informacji-publicznej • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-5720 – Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5720
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. ... The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. •