CVSS: 0EPSS: 0%CPEs: -EXPL: 0CVE-2024-32394
https://notcve.org/view.php?id=CVE-2024-32394
An issue in ruijie.com/cn RG-RSR10-01G-T(WA)-S RSR_3.0(1)B9P2_RSR10-01G-TW-S_07150910 and RG-RSR10-01G-T(WA)-S RSR_3.0(1)B9P2_RSR10-01G-TW-S_07150910 allows a remote attacker to execute arbitrary code via a crafted HTTP request. • https://gist.github.com/Swind1er/7aad5c28e5bdc91d73fa7489b7250c94 •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-28699
https://notcve.org/view.php?id=CVE-2024-28699
A buffer overflow vulnerability in pdf2json v0.70 allows a local attacker to execute arbitrary code via the GString::copy() and ImgOutputDev::ImgOutputDev function. • http://pdf2json.com https://github.com/flexpaper/pdf2json https://github.com/flexpaper/pdf2json/issues/52 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-29661
https://notcve.org/view.php?id=CVE-2024-29661
A File Upload vulnerability in DedeCMS v5.7 allows a local attacker to execute arbitrary code via a crafted payload. • https://github.com/ysl1415926/cve/blob/main/DedeCMSv5.7_getshell.md • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 4.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-30799
https://notcve.org/view.php?id=CVE-2024-30799
An issue in PX4 Autopilot v1.14 and before allows a remote attacker to execute arbitrary code and cause a denial of service via the Breach Return Point function. • https://github.com/PX4/PX4-Autopilot/issues/22428 •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2022-35503
https://notcve.org/view.php?id=CVE-2022-35503
Improper verification of a user input in Open Source MANO v7-v12 allows an authenticated attacker to execute arbitrary code within the LCM module container via a Virtual Network Function (VNF) descriptor. An attacker may be able execute code to change the normal execution of the OSM components, retrieve confidential information, or gain access other parts of a Telco Operator infrastructure other than OSM itself. • https://osm.etsi.org https://osm.etsi.org/news-events/blog/83-cve-2022-35503-disclosure • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-286: Incorrect User Management •