CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6247 – Wyze Cam v3 Wi-Fi SSID OS Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6247
21 Jun 2024 — Wyze Cam v3 Wi-Fi SSID OS Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. ... An attacker can leverage this vulnerability to execute code in the context of root... • https://forums.wyze.com/t/security-advisory/289256 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-37673
https://notcve.org/view.php?id=CVE-2024-37673
21 Jun 2024 — Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the filename parameter. • http://docubase.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3112 – Quotes and Tips < 1.45 - Admin+ Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-3112
21 Jun 2024 — This makes it possible for authenticated attackers, with administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://wpscan.com/vulnerability/fa6f01d6-aa3b-4452-9c5f-49bb227fea9d • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39349 – Synology BC500 synocam_param.cgi Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-39349
21 Jun 2024 — This allows remote attackers to execute arbitrary code via unspecified vectors. ... This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology BC500 cameras. ... An attacker can leverage this vulnerability to execute code in the context of root. • https://www.synology.com/en-global/security/advisory/Synology_SA_23_15 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6249 – Wyze Cam v3 TCP Traffic Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6249
21 Jun 2024 — Wyze Cam v3 TCP Traffic Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. ... An attacker can leverage this vulnerability to execute code in the co... • https://forums.wyze.com/t/security-advisory/289256 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23933 – Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23933
21 Jun 2024 — Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. ... An attacker can leverage this vulnerability to execute code in the context of the device. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23238 This vulnera... • https://www.sony.com/electronics/support/mobile-cd-players-digital-media-players-xav-series/xav-ax5500/software/00274156 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23934 – Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23934
21 Jun 2024 — Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. ... An attacker can leverage this vulnerability to execute code in the context... • https://www.sony.com/electronics/support/mobile-cd-players-digital-media-players-xav-series/xav-ax5500/software/00274156 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23938 – Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23938
21 Jun 2024 — Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. ... An attacker can leverage this vulnerability to execute code in the context of the device. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23184 This v... • https://community.silabs.com/a45Vm0000000Atp • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23972 – Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23972
21 Jun 2024 — Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. ... An attacker can leverage this vulnerability to execute code in the context of the device. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23185 This vu... • https://www.sony.com/electronics/support/mobile-cd-players-digital-media-players-xav-series/xav-ax5500/software/00274156 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23935 – Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23935
21 Jun 2024 — Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. ... An attacker can leverage this vulnerability to execute code in the context of root. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-23249 This vulnerability allows network... • https://www.zerodayinitiative.com/advisories/ZDI-24-848 • CWE-121: Stack-based Buffer Overflow •