CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1577 – Remote Code Execution in MegaBIP
https://notcve.org/view.php?id=CVE-2024-1577
12 Jun 2024 — Remote Code Execution vulnerability in MegaBIP software allows to execute arbitrary code on the server without requiring authentication by saving crafted by the attacker PHP code to one of the website files. Remote Code Execution vulnerability in MegaBIP software allows to execute arbitrary code on the server without requiring authentication by saving crafted by the attacker PHP code to one of the website files... • https://cert.pl/en/posts/2024/06/CVE-2024-1576 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5718 – Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5718
12 Jun 2024 — Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. ... An attacker can leverage this vulnerability to execute code in ... • https://support.logsign.net/hc/en-us/articles/19316621924754-03-06-2024-Version-6-4-8-Release-Notes • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5720 – Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5720
12 Jun 2024 — Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. ... An attacker can leverage this vulnerability to execute code in the c... • https://support.logsign.net/hc/en-us/articles/19316621924754-03-06-2024-Version-6-4-8-Release-Notes • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37878
https://notcve.org/view.php?id=CVE-2024-37878
12 Jun 2024 — Cross Site Scripting vulnerability in TWCMS v.2.0.3 allows a remote attacker to execute arbitrary code via the /TWCMS-gh-pages/twcms/runtime/twcms_view/default,index.htm.php" PHP directly echoes parameters input from external sources Vulnerabilidad de Cross Site Scripting en TWCMS v.2.0.3 permite a un atacante remoto ejecutar código arbitrario a través de /TWCMS-gh-pages/twcms/runtime/twcms_view/default,index.htm.php" PHP repite directamente la entrada de parámetros desde fuentes... • https://gist.github.com/sylvieverykawaii/243f1756151bee027725c6961d8c1ba9 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5877 – IrfanView PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5877
12 Jun 2024 — IrfanView PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. ... An attacker can leverage this vulnerability to execute code in the context of the current process. An attacker can ... • https://www.zerodayinitiative.com/advisories/ZDI-24-666 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5722 – Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5722
12 Jun 2024 — Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. ... An attacker can leverage this vulnerability to execut... • https://support.logsign.net/hc/en-us/articles/19316621924754-03-06-2024-Version-6-4-8-Release-Notes • CWE-321: Use of Hard-coded Cryptographic Key •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5875 – IrfanView SHP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5875
12 Jun 2024 — IrfanView SHP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. ... An attacker can leverage this vulnerability to execute code in the context of the current process. An attacker can ... • https://www.zerodayinitiative.com/advisories/ZDI-24-668 • CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5719 – Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5719
12 Jun 2024 — Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. ... An attacker can leverage this vulnerability to execute code in the c... • https://support.logsign.net/hc/en-us/articles/19316621924754-03-06-2024-Version-6-4-8-Release-Notes • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5717 – Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5717
12 Jun 2024 — Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. This vulnerability allows remote attackers to execute arbitrary <... • https://support.logsign.net/hc/en-us/articles/19316621924754-03-06-2024-Version-6-4-8-Release-Notes • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5721 – Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5721
12 Jun 2024 — Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. ... An attacker can leverage this vulnerability to execute code in ... • https://support.logsign.net/hc/en-us/articles/19316621924754-03-06-2024-Version-6-4-8-Release-Notes • CWE-306: Missing Authentication for Critical Function •