CVE-2024-20091
https://notcve.org/view.php?id=CVE-2024-20091
This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/October-2024 • CWE-125: Out-of-bounds Read •
CVE-2024-45293 – XML External Entity Reference (XXE) in PHPSpreadsheet's XLSX reader
https://notcve.org/view.php?id=CVE-2024-45293
Sensitive information disclosure through the XXE on sites that allow users to upload their own excel spreadsheets, and parse them using PHPSpreadsheet's Excel parser. • https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-6hwr-6v2f-3m88 • CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2024-47136
https://notcve.org/view.php?id=CVE-2024-47136
Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files. • https://jvn.jp/en/vu/JVNVU92808077 https://www.electronics.jtekt.co.jp/en/topics/202410026928 https://www.electronics.jtekt.co.jp/jp/topics/2024100217388 • CWE-125: Out-of-bounds Read •
CVE-2024-47135
https://notcve.org/view.php?id=CVE-2024-47135
Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files. • https://jvn.jp/en/vu/JVNVU92808077 https://www.electronics.jtekt.co.jp/en/topics/202410026928 https://www.electronics.jtekt.co.jp/jp/topics/2024100217388 • CWE-121: Stack-based Buffer Overflow •
CVE-2024-47134
https://notcve.org/view.php?id=CVE-2024-47134
Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files. • https://jvn.jp/en/vu/JVNVU92808077 https://www.electronics.jtekt.co.jp/en/topics/202410026928 https://www.electronics.jtekt.co.jp/jp/topics/2024100217388 • CWE-787: Out-of-bounds Write •