CVSS: 8.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9348 – Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view
https://notcve.org/view.php?id=CVE-2024-9348
Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view. Docker Desktop anterior a v4.34.3 permite RCE a través de un enlace de origen de GitHub no desinfectado en la vista de compilación. • https://docs.docker.com/desktop/release-notes/#4343 • CWE-20: Improper Input Validation CWE-116: Improper Encoding or Escaping of Output •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-45257 – BYOB Unauthenticated Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-45257
https://blog.chebuya.com/posts/unauthenticated-remote-command-execution-on-byob •
CVSS: 10.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-49254 – WordPress ajax-extend plugin <= 1.0 - Remote Code Execution (RCE) vulnerability
https://notcve.org/view.php?id=CVE-2024-49254
Improper Control of Generation of Code ('Code Injection') vulnerability in Sunjianle allows Code Injection.This issue affects ajax-extend: from n/a through 1.0. La vulnerabilidad de control inadecuado de generación de código ('Inyección de código') en Sunjianle permite la inyección de código. Este problema afecta a ajax-extend: desde n/a hasta 1.0. • https://patchstack.com/database/vulnerability/ajax-extend/wordpress-ajax-extend-plugin-1-0-remote-code-execution-rce-vulnerability? • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-48042 – WordPress Contact Form by Supsystic plugin <= 1.7.28 - Remote Code Execution (RCE) vulnerability
https://notcve.org/view.php?id=CVE-2024-48042
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic Contact Form by Supsystic allows Command Injection.This issue affects Contact Form by Supsystic: from n/a through 1.7.28. La vulnerabilidad de neutralización incorrecta de elementos especiales utilizados en un motor de plantillas en Supsystic Contact Form de Supsystic permite la inyección de comandos. Este problema afecta a Contact Form de Supsystic: desde n/a hasta 1.7.28. • https://patchstack.com/database/vulnerability/contact-form-by-supsystic/wordpress-contact-form-by-supsystic-plugin-1-7-28-remote-code-execution-rce-vulnerability? • CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •
CVSS: 9.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-49271 – WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin <= 1.5.121 - Remote Code Execution (RCE) vulnerability
https://notcve.org/view.php?id=CVE-2024-49271
: Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows : Command Injection.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.121. : Vulnerabilidad de neutralización inadecuada de elementos especiales utilizados en un motor de plantillas en Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) permite: Inyección de comandos. Este problema afecta a Unlimited Elements For Elementor (Free Widgets, Addons, Templates): desde n/a hasta 1.5.121. • https://patchstack.com/database/vulnerability/unlimited-elements-for-elementor/wordpress-unlimited-elements-for-elementor-free-widgets-addons-templates-plugin-1-5-121-remote-code-execution-rce-vulnerability? • CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •