CVE-2024-31449 – Lua library commands may lead to stack overflow and RCE in Redis
https://notcve.org/view.php?id=CVE-2024-31449
An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. • https://github.com/redis/redis/commit/1f7c148be2cbacf7d50aa461c58b871e87cc5ed9 https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5 • CWE-20: Improper Input Validation CWE-121: Stack-based Buffer Overflow •
CVE-2024-47559 – Authenticated RCE via Path Traversal
https://notcve.org/view.php?id=CVE-2024-47559
Authenticated RCE via Path Traversal • https://securitydocs.business.xerox.com/wp-content/uploads/2024/10/Xerox-Security-Bulletin-XRX24-014-for-Xerox%C2%AE-FreeFlow%C2%AE-Core-v7.0-.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2024-47558 – Authenticated RCE via Path Traversal
https://notcve.org/view.php?id=CVE-2024-47558
Authenticated RCE via Path Traversal • https://securitydocs.business.xerox.com/wp-content/uploads/2024/10/Xerox-Security-Bulletin-XRX24-014-for-Xerox%C2%AE-FreeFlow%C2%AE-Core-v7.0-.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2024-47557 – Pre-Auth RCE via Path Traversal
https://notcve.org/view.php?id=CVE-2024-47557
Pre-Auth RCE via Path Traversal • https://securitydocs.business.xerox.com/wp-content/uploads/2024/10/Xerox-Security-Bulletin-XRX24-014-for-Xerox%C2%AE-FreeFlow%C2%AE-Core-v7.0-.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2024-47556 – Pre-Auth RCE via Path Traversal
https://notcve.org/view.php?id=CVE-2024-47556
Pre-Auth RCE via Path Traversal • https://securitydocs.business.xerox.com/wp-content/uploads/2024/10/Xerox-Security-Bulletin-XRX24-014-for-Xerox%C2%AE-FreeFlow%C2%AE-Core-v7.0-.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •