CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5499
https://notcve.org/view.php?id=CVE-2024-5499
Out of bounds write in Streams API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html https://issues.chromium.org/issues/339877167 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5496
https://notcve.org/view.php?id=CVE-2024-5496
Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html https://issues.chromium.org/issues/338929744 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2 • CWE-416: Use After Free •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34171 – Fuji Electric Monitouch V-SFT Stack-Based Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-34171
Fuji Electric Monitouch V-SFT is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary code. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-02 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5271 – Fuji Electric Monitouch V-SFT Out-of-Bounds Write
https://notcve.org/view.php?id=CVE-2024-5271
Fuji Electric Monitouch V-SFT is vulnerable to an out-of-bounds write because of a type confusion, which could result in arbitrary code execution. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-02 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-2422 – LenelS2 NetBox Improper Neutralization of Argumented Delimiters
https://notcve.org/view.php?id=CVE-2024-2422
LenelS2 NetBox access control and event monitoring system was discovered to contain an authenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands. Se descubrió que el sistema de monitoreo de eventos y control de acceso LenelS2 NetBox contiene un RCE autenticado en versiones anteriores a la 5.6.1 incluida, lo que permite a un atacante ejecutar comandos maliciosos. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-01 https://www.corporate.carrier.com/Images/CARR-PSA-2024-01-NetBox_tcm558-227956.pdf • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •