CVSS: 4.0EPSS: %CPEs: -EXPL: 0CVE-2023-4458 – Linux Kernel ksmbd smb2_open Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-4458
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Linux Kernel. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. •
CVSS: 5.8EPSS: %CPEs: -EXPL: 0CVE-2023-39176 – Linux Kernel ksmbd Transform Header Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-39176
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Linux Kernel. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. •
CVSS: 8.8EPSS: %CPEs: -EXPL: 0CVE-2023-51635 – NETGEAR RAX30 fing_dil Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-51635
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. ... An attacker can leverage this vulnerability to execute code in the context of root. •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-36528
https://notcve.org/view.php?id=CVE-2024-36528
nukeviet v.4.5 and before and nukeviet-egov v.1.2.02 and before have a Deserialization vulnerability which results in code execution via /admin/extensions/download.php and /admin/extensions/upload.php. • https://mat4mee.notion.site/2-bug-chains-in-nukeViet-lead-to-RCE-bdd42b20b05a448fbe87c752b41bb15f • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5723 – Centreon updateServiceHost SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5723
Centreon updateServiceHost SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. ... An attacker can leverage this vulnerability to execute code in the context of the apache user. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. ... An attacker can leverage this vulnerability to execute code in the context of the apache user. • https://www.zerodayinitiative.com/advisories/ZDI-24-595 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •