CVSS: 6.2EPSS: %CPEs: -EXPL: 0CVE-2024-29421
https://notcve.org/view.php?id=CVE-2024-29421
xmedcon 0.23.0 and fixed in v.0.24.0 is vulnerable to Buffer Overflow via libs/dicom/basic.c which allows an attacker to execute arbitrary code. xmedcon 0.23.0 y corregido en v.0.24.0 es vulnerable a Buffer Overflow a través de libs/dicom/basic.c, lo que permite a un atacante ejecutar código arbitrario. • https://github.com/SpikeReply/advisories/blob/530dbd7ce68600a22c47dd1bcbe360220feda1d9/cve/xmedcon/cve-2024-29421.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20360
https://notcve.org/view.php?id=CVE-2024-20360
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. ... A successful exploit could allow the attacker to obtain any data from the database, execute arbitrary commands on the underlying operating system, and elevate privileges to root. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sqli-WFFDnNOs • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-33228
https://notcve.org/view.php?id=CVE-2024-33228
An issue in the component segwindrvx64.sys of Insyde Software Corp SEG Windows Driver v100.00.07.02 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. • https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33228 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-33227
https://notcve.org/view.php?id=CVE-2024-33227
An issue in the component ddcdrv.sys of Nicomsoft WinI2C/DDC v3.7.4.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. • https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33227 •
CVSS: 9.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-33226
https://notcve.org/view.php?id=CVE-2024-33226
An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. • https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33226 • CWE-269: Improper Privilege Management •