CVSS: 7.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-33429
https://notcve.org/view.php?id=CVE-2024-33429
Buffer-Overflow vulnerability at pcm_convert.h:513 of phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via a crafted .wav file. • https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/heap-buffer-overflow-2/heap-buffer-overflow-2.assets/image-20240420011116818.png https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/heap-buffer-overflow-2/heap-buffer-overflow-2.md https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/heap-buffer-overflow-2/poc https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/heap-buffer-overflow-2 https://github.com/stsaz/phiola https://github.com/stsaz/phiola/issues/30 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-26504
https://notcve.org/view.php?id=CVE-2024-26504
An issue in Wifire Hotspot v.4.5.3 allows a local attacker to execute arbitrary code via a crafted payload to the dst parameter. • https://cwe.mitre.org/data/definitions/601.html https://portswigger.net/kb/issues/00500100_open-redirection-reflected https://tomiodarim.io/posts/cve-2024-26504 https://wifire.me/en/hotspot • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-32212
https://notcve.org/view.php?id=CVE-2024-32212
SQL Injection vulnerability in LOGINT LoMag Inventory Management v1.0.20.120 and before allows an attacker to execute arbitrary code via the ArticleGetGroups, DocAddDocument, ClassClickShop and frmSettings components. • https://gainsec.com/2024/04/28/cve-2024-32210-cve-2024-32211-cve-2024-32212-cve-2024-32213-lomag-integrator-ce-warehouse-management • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2023-23022
https://notcve.org/view.php?id=CVE-2023-23022
Cross site scripting (XSS) vulnerability in sourcecodester oretnom23 employee's payroll management system 1.0, allows attackers to execute arbitrary code via the code, title, from_date and to_date inputs in file Main.php. • https://gist.github.com/enferas/ffc4d8e38e238709a3dedf3002cb321d •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-4192 – Stack-based Buffer Overflow vulnerability in Delta Electronics CNCSoft-G2 DOPSoft
https://notcve.org/view.php?id=CVE-2024-4192
An attacker can leverage this vulnerability to execute code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-121-01 • CWE-121: Stack-based Buffer Overflow •