
CVE-2024-4577 – PHP-CGI OS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2024-4577
09 Jun 2024 — .* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc. • https://github.com/l0n3m4n/CVE-2024-4577-RCE • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVE-2023-45188 – IBM Engineering Lifecycle Optimization Publishing file upload
https://notcve.org/view.php?id=CVE-2023-45188
09 Jun 2024 — IBM Engineering Lifecycle Optimization Publishing 7.0.2 and 7.03 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted request, a remote attacker could exploit this vulnerability to upload a malicious file, which could allow the attacker to execute arbitrary code on the vulnerable system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/268751 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVE-2024-37569
https://notcve.org/view.php?id=CVE-2024-37569
09 Jun 2024 — Attackers can achieve remote code execution in the root context by placing shell metacharacters in the hostname parameter. • https://github.com/kwburns/CVE/blob/main/Mitel/5.0.0.1018/code/exploit-provis.py • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVE-2023-45707 – HCL Connections Docs is vulnerable to Cross-Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-45707
08 Jun 2024 — HCL Connections Docs is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary code. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0108427 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2024-36969 – drm/amd/display: Fix division by zero in setup_dsc_config
https://notcve.org/view.php?id=CVE-2024-36969
08 Jun 2024 — A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. • https://git.kernel.org/stable/c/a32c8f951c8a456c1c251e1dcdf21787f8066445 • CWE-369: Divide By Zero •

CVE-2024-36968 – Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()
https://notcve.org/view.php?id=CVE-2024-36968
08 Jun 2024 — divide error: 0000 [#1] PREEMPT SMP KASAN NOPTI CPU: 0 PID: 67 Comm: kworker/u5:0 Tainted: G W 6.9.0-rc5+ #20 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 Workqueue: hci0 hci_rx_work RIP: 0010:l2cap_le_flowctl_init+0x19e/0x3f0 net/bluetooth/l2cap_core.c:547 Code: e8 17 17 0c 00 66 41 89 9f 84 00 00 00 bf 01 00 00 00 41 b8 02 00 00 00 4c 89 fe 4c 89 e2 89 d9 e8 27 17 0c 00 44 89 f0 31 d2 <66> f7 f3 89 c3 ff c3 4d 8d b7 88 00 00 00 4c 89 f0 48 c1 e8 03 42 RSP: 0018:ff... • https://git.kernel.org/stable/c/6ed58ec520ad2b2fe3f955c8a5fd0eecafccebdf • CWE-190: Integer Overflow or Wraparound CWE-369: Divide By Zero •

CVE-2024-36967 – KEYS: trusted: Fix memory leak in tpm2_key_encode()
https://notcve.org/view.php?id=CVE-2024-36967
08 Jun 2024 — A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. • https://git.kernel.org/stable/c/f2219745250f388edacabe6cca73654131c67d0a • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2024-36965 – remoteproc: mediatek: Make sure IPI buffer fits in L2TCM
https://notcve.org/view.php?id=CVE-2024-36965
08 Jun 2024 — A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. • https://git.kernel.org/stable/c/3efa0ea743b77d1611501f7d8b4f320d032d73ae •

CVE-2023-7261 – Google Chrome Updater DosDevices Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-7261
07 Jun 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the update mechanism. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://github.com/zerozenxlabs/CVE-2023-7261 • CWE-233: Improper Handling of Parameters •

CVE-2024-36082 – Music Store - WordPress eCommerce <= 1.1.13 - Authenticated (Admin+) SQL Injection
https://notcve.org/view.php?id=CVE-2024-36082
07 Jun 2024 — SQL injection vulnerability in Music Store - WordPress eCommerce versions prior to 1.1.14 allows a remote authenticated attacker with an administrative privilege to execute arbitrary SQL commands. ... The Music Store – WordPress eCommerce plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 1.1.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. • https://jvn.jp/en/jp/JVN79213252 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •