CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-48871 – Planet Technology Planet WGS-804HPT Stack-based Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-48871
An unauthenticated attacker could send a malicious HTTP request that the webserver fails to properly check input size before copying data to the stack, potentially allowing remote code execution. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-340-02 https://www.planet.com.tw/en/support/downloads?method=keyword&keyword=v1.305b241111 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21571
https://notcve.org/view.php?id=CVE-2024-21571
Snyk has identified a remote code execution (RCE) vulnerability in all versions of Code Agent. The vulnerability enables an attacker to execute arbitrary code within the Code Agent container. • https://www.cve.org/CVERecord?id=CVE-2024-21571 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-10771 – SICK InspectorP61x, SICK InspectorP62x and SICK TiM3xx are vulnerable for remote code execution
https://notcve.org/view.php?id=CVE-2024-10771
Due to missing input validation during one step of the firmware update process, the product is vulnerable to remote code execution. • https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF https://sick.com/psirt https://www.cisa.gov/resources-tools/resources/ics-recommended-practices https://www.first.org/cvss/calculator/3.1 https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.json https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.pdf • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49041 – Microsoft Edge (Chromium-based) Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2024-49041
Microsoft Edge (Chromium-based) Spoofing Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Edge. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49041 • CWE-449: The UI Performs the Wrong Action •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-41644
https://notcve.org/view.php?id=CVE-2024-41644
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via the dyn_param_handler_ component. • https://github.com/GoesM/ROS-CVE-CNVDs https://github.com/ros-navigation/navigation2/issues/4496 https://github.com/ros-navigation/navigation2/pull/4521 • CWE-281: Improper Preservation of Permissions •