CVE-2024-51186
https://notcve.org/view.php?id=CVE-2024-51186
D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution (RCE) vulnerability via the ping_addr parameter in the ping_v4 and ping_v6 functions. • https://github.com/4hsien/CVE-vulns/blob/main/D-Link/DIR-820L/CI_ping_addr/README.md https://legacy.us.dlink.com/pages/product.aspx?id=00c2150966b046b58ba95d8ae3a8f73d https://www.dlink.com/en https://www.dlink.com/en/security-bulletin • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2024-51213
https://notcve.org/view.php?id=CVE-2024-51213
Cross Site Scripting vulnerability in Online Shop Store v.1.0 allows a remote attacker to execute arbitrary code via the login.php component. • https://github.com/Prabhatsk7/CVE/blob/main/CVE-2024-51213 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-46962
https://notcve.org/view.php?id=CVE-2024-46962
The SYQ com.downloader.video.fast (aka Master Video Downloader) application through 2.0 for Android allows an attacker to execute arbitrary JavaScript code via the com.downloader.video.fast.SpeedMainAct component. • https://github.com/actuator/com.downloader.video.fast/blob/main/CVE-2024-46962 https://play.google.com/store/apps/details?id=com.downloader.video.fast • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-46963
https://notcve.org/view.php?id=CVE-2024-46963
The com.superfast.video.downloader (aka Super Unlimited Video Downloader - All in One) application through 5.1.9 for Android allows an attacker to execute arbitrary JavaScript code via the com.bluesky.browser.ui.BrowserMainActivity component. • https://github.com/actuator/com.superfast.video.downloader/blob/main/CVE-2024-46963 https://play.google.com/store/apps/details?id=com.superfast.video.downloader • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-46964
https://notcve.org/view.php?id=CVE-2024-46964
The com.video.downloader.all (aka All Video Downloader) application through 11.28 for Android allows an attacker to execute arbitrary JavaScript code via the com.video.downloader.all.StartActivity component. • https://github.com/actuator/com.video.downloader.all/blob/main/CVE-2024-46964 https://play.google.com/store/apps/details?id=com.video.downloader.all • CWE-94: Improper Control of Generation of Code ('Code Injection') •