CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-28718
https://notcve.org/view.php?id=CVE-2024-28718
An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the cert_manager.py. component. • https://bugs.launchpad.net/magnum/+bug/2047690 https://gist.github.com/Fewword/f098d8d6375ac25e27b18c0e57be532f https://review.opendev.org/c/openstack/magnum/+/907305 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-30845
https://notcve.org/view.php?id=CVE-2024-30845
Cross Site Scripting vulnerability in Rainbow external link network disk v.5.5 allows a remote attacker to execute arbitrary code via the validation component of the input parameters. • https://gist.github.com/Zshan7que/c813f2b52daab08c9fb4f6c6b8178b66 https://github.com/netcccyun/pan/issues/6 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-25545
https://notcve.org/view.php?id=CVE-2024-25545
An issue in Weave Weave Desktop v.7.78.10 allows a local attacker to execute arbitrary code via a crafted script to the nwjs framework component. • https://gist.github.com/khronokernel/b68709335aa097752423f5d6844c3aa3 https://www.weavehelp.com/hc/en-us/articles/360060696152-Download-the-Weave-Desktop-App • CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0CVE-2023-44857
https://notcve.org/view.php?id=CVE-2023-44857
An issue in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via a crafted script to the sub_21D24 function in the acu_web component. • https://pine-amphibian-9b9.notion.site/SAILOR-Ku-Software-RCE-and-Privilege-Escalation-Statistics-report-b8e953249468429d9f60b89ff653847a • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2023-44855
https://notcve.org/view.php?id=CVE-2023-44855
Cross Site Scripting (XSS) vulnerability in Cobham SAILOR VSAT Ku v.164B019 allows a remote attacker to execute arbitrary code via a crafted script to the rdiag, sender, and recipients parameters of the sub_219C4 function in the acu_web file. • https://pine-amphibian-9b9.notion.site/ENG-SAILOR-Ku-Software-XSS-Diagnostics-report-019462dcebf6428da34dd7daee21583b • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •