CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7620 – Customizer Export/Import <= 0.9.7 - Authenticated (Admin+) Arbitrary File Upload via Customization Settings Import
https://notcve.org/view.php?id=CVE-2024-7620
This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://plugins.trac.wordpress.org/changeset/3144365/customizer-export-import https://www.wordfence.com/threat-intel/vulnerabilities/id/7600e7df-725d-4877-b0bf-5329f814723f?source=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8463 – File upload restriction bypass vulnerability in Job Portal
https://notcve.org/view.php?id=CVE-2024-8463
File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of which could allow an authenticated user to execute an RCE via webshell. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45107 – ZDI-CAN-24186: Adobe Acrobat Reader DC Doc Object Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-45107
An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://helpx.adobe.com/security/products/acrobat/apsb24-57.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-45063 – Multiple issues in ctl(4) CAM Target Layer
https://notcve.org/view.php?id=CVE-2024-45063
A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host. • https://security.freebsd.org/advisories/FreeBSD-SA-24:11.ctl.asc • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-43110 – Multiple issues in ctl(4) CAM Target Layer
https://notcve.org/view.php?id=CVE-2024-43110
A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host. • https://security.freebsd.org/advisories/FreeBSD-SA-24:11.ctl.asc • CWE-125: Out-of-bounds Read •