CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-55509
https://notcve.org/view.php?id=CVE-2024-55509
SQL injection vulnerability in CodeAstro Complaint Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via the id parameter of the delete.php component. • https://github.com/prithivilakshmanan/CSV/blob/main/CVE-2024-55509.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12677 – Delta Electronics DTM Soft Deserialization of Untrusted Data
https://notcve.org/view.php?id=CVE-2024-12677
Delta Electronics DTM Soft deserializes objects, which could allow an attacker to execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DTM Soft. ... An attacker can leverage this vulnerability to execute code in the context of the current user. • https://downloadcenter.deltaww.com/en-US/DownloadCenter?v=1&q=dtm&sort_expr=cdate&sort_dir=DESC https://www.cisa.gov/news-events/ics-advisories/icsa-24-354-03 • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12828 – Webmin CGI Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-12828
Webmin CGI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Webmin. ... An attacker can leverage this vulnerability to execute code in the context of root. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Webmin. ... An attacker can leverage this vulnerability to execute code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-1725 https://github.com/webmin/authentic-theme/commit/61e5b10227b50407e3c6ac494ffbd4385d1b59df • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12834 – Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-12834
Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.zerodayinitiative.com/advisories/ZDI-24-1722 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12835 – Delta Electronics DRASimuCAD ICS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-12835
Delta Electronics DRASimuCAD ICS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.zerodayinitiative.com/advisories/ZDI-24-1723 • CWE-787: Out-of-bounds Write •