CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20785 – Adobe Indesign 2024 TIFF File Parsing Memory Corruption Remote Code Execution vulnerability
https://notcve.org/view.php?id=CVE-2024-20785
09 Jul 2024 — InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb24-48.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34123 – Adobe Premiere Pro arbitrary DLL loading lead to remote code execution
https://notcve.org/view.php?id=CVE-2024-34123
09 Jul 2024 — Premiere Pro versions 23.6.5, 24.4.1 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious file into the search path, which the application might execute instead of the legitimate file. • https://helpx.adobe.com/security/products/premiere_pro/apsb24-46.html • CWE-426: Untrusted Search Path •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38517 – Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Underflow
https://notcve.org/view.php?id=CVE-2024-38517
09 Jul 2024 — An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. • https://github.com/Tencent/rapidjson/pull/1261/commits/8269bc2bc289e9d343bae51cdf6d23ef0950e001 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 1CVE-2024-6222 – In Docker Desktop before v4.29.0 an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages
https://notcve.org/view.php?id=CVE-2024-6222
09 Jul 2024 — An attacker must first obtain the ability to execute high-privileged code within the container in order to exploit this vulnerability. The specific flaw exists within the the implemention of the Docker Extensions functionality. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the host. • https://github.com/Florian-Hoth/CVE-2024-6222 • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-38095 – .NET and Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38095
09 Jul 2024 — An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38095 • CWE-20: Improper Input Validation •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 1CVE-2024-38094 – Microsoft SharePoint Deserialization Vulnerability
https://notcve.org/view.php?id=CVE-2024-38094
09 Jul 2024 — Microsoft SharePoint Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft SharePoint Microsoft SharePoint contains a deserialization vulnerability that allows for remote code execution. • https://packetstorm.news/files/id/179460 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38078 – Xbox Wireless Adapter Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38078
09 Jul 2024 — Xbox Wireless Adapter Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38078 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2024-38076 – Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38076
09 Jul 2024 — Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38076 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 12EXPL: 0CVE-2024-38074 – Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38074
09 Jul 2024 — Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38074 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2024-38066 – Windows Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-38066
09 Jul 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38066 • CWE-416: Use After Free •