CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5304 – Kofax Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5304
Kofax Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. ... An attacker can leverage this vulnerability to execute code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.zerodayinitiative.com/advisories/ZDI-24-549 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5269 – Sonos Era 100 SMB2 Message Handling Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5269
Sonos Era 100 SMB2 Message Handling Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos Era 100 smart speakers. ... An attacker can leverage this vulnerability to execute code in the context of root. ... This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos Era 100 smart speakers. ... An attacker can leverage this vulnerability to execute code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-545 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5499
https://notcve.org/view.php?id=CVE-2024-5499
Out of bounds write in Streams API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html https://issues.chromium.org/issues/339877167 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5496
https://notcve.org/view.php?id=CVE-2024-5496
Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html https://issues.chromium.org/issues/338929744 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2 • CWE-416: Use After Free •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34171 – Fuji Electric Monitouch V-SFT Stack-Based Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-34171
Fuji Electric Monitouch V-SFT is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary code. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-02 • CWE-121: Stack-based Buffer Overflow •