CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-27149 – Local Privilege Escalation and Remote Code Execution using insecure LD_PRELOAD
https://notcve.org/view.php?id=CVE-2024-27149
14 Jun 2024 — En cuanto a los productos/modelos/versiones afectados, consulte la URL de referencia. 103 models of Toshiba Multi-Function Printers (MFP) are vulnerable to 40 different vulnerabilities including remote code execution, local privilege escalation, xml injection, and more. • https://packetstorm.news/files/id/179367 • CWE-276: Incorrect Default Permissions •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-27148 – Local Privilege Escalation and Remote Code Execution using insecure PATH
https://notcve.org/view.php?id=CVE-2024-27148
14 Jun 2024 — En cuanto a los productos/modelos/versiones afectados, consulte la URL de referencia. 103 models of Toshiba Multi-Function Printers (MFP) are vulnerable to 40 different vulnerabilities including remote code execution, local privilege escalation, xml injection, and more. • https://packetstorm.news/files/id/179367 • CWE-276: Incorrect Default Permissions •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-27147 – Local Privilege Escalation and Remote Code Execution using snmpd
https://notcve.org/view.php?id=CVE-2024-27147
14 Jun 2024 — En cuanto a los productos/modelos/versiones afectados, consulte la URL de referencia. 103 models of Toshiba Multi-Function Printers (MFP) are vulnerable to 40 different vulnerabilities including remote code execution, local privilege escalation, xml injection, and more. • https://packetstorm.news/files/id/179367 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-27146 – Lack of privileges separation
https://notcve.org/view.php?id=CVE-2024-27146
14 Jun 2024 — En cuanto a los productos/modelos/versiones afectados, consulte la URL de referencia. 103 models of Toshiba Multi-Function Printers (MFP) are vulnerable to 40 different vulnerabilities including remote code execution, local privilege escalation, xml injection, and more. • https://packetstorm.news/files/id/179367 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-27145 – Multiple Post-authenticated Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-27145
14 Jun 2024 — This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. ... This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. ... For detail on related other vulnerabilities, please ask to the below contact point. • https://packetstorm.news/files/id/179367 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-27144 – Pre-authenticated Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-27144
14 Jun 2024 — The programs can be replaced by malicious programs by any local or remote attacker. The programs can be replaced by malicious programs by any local or remote attacker. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. ... The programs can be replaced by malicious programs by any local or remote attacker. • https://packetstorm.news/files/id/179367 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-276: Incorrect Default Permissions •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-27143 – Pre-authenticated Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-27143
14 Jun 2024 — Using the private community, it is possible to remotely execute commands as root on the remote printer. Using the private community, it is possible to remotely execute commands as root on the remote printer. Using this vulnerability will allow any attacker to get a root access on a remote Toshiba printer. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. ... • https://packetstorm.news/files/id/179367 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-27142 – Pre-authenticated XXE injection
https://notcve.org/view.php?id=CVE-2024-27142
14 Jun 2024 — En cuanto a los productos/modelos/versiones afectados, consulte la URL de referencia. 103 models of Toshiba Multi-Function Printers (MFP) are vulnerable to 40 different vulnerabilities including remote code execution, local privilege escalation, xml injection, and more. • https://packetstorm.news/files/id/179367 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-27141 – Pre-authenticated Time-Based Blind XXE injection
https://notcve.org/view.php?id=CVE-2024-27141
14 Jun 2024 — As for the affected products/models/versions, see the reference URL. 103 models of Toshiba Multi-Function Printers (MFP) are vulnerable to 40 different vulnerabilities including remote code execution, local privilege escalation, xml injection, and more. • https://packetstorm.news/files/id/179367 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36600 – Ubuntu Security Notice USN-6855-1
https://notcve.org/view.php?id=CVE-2024-36600
14 Jun 2024 — Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file. ... An attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://github.com/gashasbi/My-Reports/tree/main/CVE-2024-36600 • CWE-121: Stack-based Buffer Overflow •