CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 2CVE-2024-36598 – AEGON LIFE 1.0 Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-36598
14 Jun 2024 — An arbitrary file upload vulnerability in Aegon Life v1.0 allows attackers to execute arbitrary code via uploading a crafted image file. ... AEGON LIFE version 1.0 suffers from an unauthenticated remote code execution vulnerability. • https://packetstorm.news/files/id/179087 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6000 – FooEvents for WooCommerce <= 1.19.20 - Improper Authorization to (Contributor+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-6000
14 Jun 2024 — This makes it possible for authenticated attackers with contributor-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://help.fooevents.com/docs/topics/changelogs/fooevents-for-woocommerce • CWE-285: Improper Authorization •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24320
https://notcve.org/view.php?id=CVE-2024-24320
14 Jun 2024 — Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function. • https://datack.my/cloudpanel-v2-0-0-v2-4-0-authenticated-user-session-hijacking-cve-2024-24320 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32925
https://notcve.org/view.php?id=CVE-2024-32925
13 Jun 2024 — This could lead to remote code execution with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-06-01 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32913
https://notcve.org/view.php?id=CVE-2024-32913
13 Jun 2024 — This could lead to remote code execution with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-06-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32905
https://notcve.org/view.php?id=CVE-2024-32905
13 Jun 2024 — This could lead to remote code execution with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-06-01 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29786
https://notcve.org/view.php?id=CVE-2024-29786
13 Jun 2024 — This could lead to remote code execution with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-06-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4696 – Lenovo Service Bridge Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-4696
13 Jun 2024 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of Lenovo Service Bridge. ... When parsing a crafted URL, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the current user. • https://support.lenovo.com/us/en/product_security/LEN-163429 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 9CVE-2024-2023 – Folders <= 3.0 and Folders Pro <= 3.0.2 - Directory Traversal via handle_folders_file_upload
https://notcve.org/view.php?id=CVE-2024-2023
13 Jun 2024 — The Folders and Folders Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.0 in Folders and 3.0.2 in Folders Pro via the 'handle_folders_file_upload' function. This makes it possible for authenticated attackers, with author access and above, to upload files to arbitrary locations on the server. El complemento Folders and Folders Pro para WordPress es vulnerable a Directory Traversal en todas las versiones hasta la 3.0 en Folders y la 3.0.2 en Folders Pro a ... • https://github.com/W01fh4cker/CVE-2024-27198-RCE • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-20753 – Adobe Photoshop PDF File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-20753
13 Jun 2024 — An attacker could leverage this vulnerability to execute code in the context of the current user. • https://helpx.adobe.com/security/products/photoshop/apsb24-27.html • CWE-125: Out-of-bounds Read •