CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-5836
https://notcve.org/view.php?id=CVE-2024-5836
Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. • https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/341875171 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-5834
https://notcve.org/view.php?id=CVE-2024-5834
Inappropriate implementation in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to execute arbitrary code via a crafted HTML page. • https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/342840932 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-28877 – MicroDicom DICOM Viewer Stack-based Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-28877
MicroDicom DICOM Viewer is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. • https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-163-01 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37301 – document-merge-service vulnerable to Remote Code Execution via Server-Side Template Injection
https://notcve.org/view.php?id=CVE-2024-37301
Versions 6.5.1 and prior are vulnerable to remote code execution via server-side template injection which, when executed as root, can result in full takeover of the affected system. • https://github.com/adfinis/document-merge-service/commit/a1edd39d33d1bdf75c31ea01c317547be90ca074 https://github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6 • CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •
CVSS: 4.7EPSS: 0%CPEs: 6EXPL: 1CVE-2024-30052 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30052
Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Visual Studio • https://github.com/ynwarcs/CVE-2024-30052 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30052 • CWE-693: Protection Mechanism Failure •