CVE-2024-11488 – 115cms web_user.html cross site scripting
https://notcve.org/view.php?id=CVE-2024-11488
A vulnerability was found in 115cms up to 20240807 and classified as problematic. This issue affects some unknown processing of the file /app/admin/view/web_user.html. The manipulation of the argument ks leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Hebing123/cve/issues/70 https://vuldb.com/?ctiid.285503 https://vuldb.com/?id.285503 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-10094
https://notcve.org/view.php?id=CVE-2024-10094
Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code Las versiones 6.x a Infinity 24.1.1 de Pega Platform se ven afectadas por un problema con el control inadecuado de la generación de código • https://support.pega.com/support-doc/pega-security-advisory-d24-vulnerability-remediation-note • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-10382 – Arbitrary Code execution in Car App Android Jetpack Library
https://notcve.org/view.php?id=CVE-2024-10382
In combination with other gadgets, this can lead to arbitrary code execution. • https://developer.android.com/jetpack/androidx/releases/car-app#1.7.0-beta03 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-502: Deserialization of Untrusted Data •
CVE-2024-44308 – Apple Multiple Products Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-44308
Processing maliciously crafted web content may lead to arbitrary code execution. ... Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web content that may lead to arbitrary code execution. • https://support.apple.com/en-us/121752 https://support.apple.com/en-us/121753 https://support.apple.com/en-us/121754 https://support.apple.com/en-us/121755 https://support.apple.com/en-us/121756 •
CVE-2018-9428
https://notcve.org/view.php?id=CVE-2018-9428
This could lead to local arbitrary code execution with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-07-01 • CWE-787: Out-of-bounds Write •