CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5876 – IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5876
12 Jun 2024 — IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. ... An attacker can leverage this vulnerability to execute code in the context of the current process. An attack... • https://www.zerodayinitiative.com/advisories/ZDI-24-669 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5874 – IrfanView PNT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5874
12 Jun 2024 — IrfanView PNT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. ... An attacker can leverage this vulnerability to execute code in the context of the current process. An attacker can ... • https://www.zerodayinitiative.com/advisories/ZDI-24-667 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-5836 – Debian Security Advisory 5710-1
https://notcve.org/view.php?id=CVE-2024-5836
11 Jun 2024 — Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. ... (Severidad de seguridad de Chrome: alta) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. • https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-5834 – Debian Security Advisory 5710-1
https://notcve.org/view.php?id=CVE-2024-5834
11 Jun 2024 — Inappropriate implementation in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to execute arbitrary code via a crafted HTML page. ... (Severidad de seguridad de Chrome: alta) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. • https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28877 – MicroDicom DICOM Viewer Stack-based Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-28877
11 Jun 2024 — MicroDicom DICOM Viewer is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. • https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-163-01 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37301 – document-merge-service vulnerable to Remote Code Execution via Server-Side Template Injection
https://notcve.org/view.php?id=CVE-2024-37301
11 Jun 2024 — Versions 6.5.1 and prior are vulnerable to remote code execution via server-side template injection which, when executed as root, can result in full takeover of the affected system. • https://github.com/adfinis/document-merge-service/commit/a1edd39d33d1bdf75c31ea01c317547be90ca074 • CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •
CVSS: 4.7EPSS: 0%CPEs: 6EXPL: 1CVE-2024-30052 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30052
11 Jun 2024 — Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Visual Studio • https://github.com/ynwarcs/CVE-2024-30052 • CWE-693: Protection Mechanism Failure •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-35249 – Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-35249
11 Jun 2024 — Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código en Microsoft Dynamics 365 Business Central • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35249 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2024-30104 – Microsoft Office Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30104
11 Jun 2024 — Microsoft Office Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft Office Microsoft Office 365 appears susceptible to macro code execution that can result in remote code execution. • https://packetstorm.news/files/id/179394 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2024-30103 – Microsoft Outlook Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30103
11 Jun 2024 — Microsoft Outlook Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft Outlook • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30103 • CWE-184: Incomplete List of Disallowed Inputs •