CVE-2024-42918
https://notcve.org/view.php?id=CVE-2024-42918
itsourcecode Online Accreditation Management System contains a Cross Site Scripting vulnerability, which allows an attacker to execute arbitrary code via a crafted payload to the SCHOOLNAME, EMAILADDRES, CONTACTNO, COMPANYNAME and COMPANYCONTACTNO parameters in controller.php. • https://github.com/n00bS3cLe4rner/CVE-s/blob/main/CVE-2024-42918.md https://packetstormsecurity.com •
CVE-2024-42756
https://notcve.org/view.php?id=CVE-2024-42756
An issue in Netgear DGN1000WW v.1.1.00.45 allows a remote attacker to execute arbitrary code via the Diagnostics page • https://github.com/Nop3z/CVE/blob/main/Netgear/Netgear%20DGN1000%20RCE/Netgear%20DGN1000%20RCE.md https://www.netgear.com/about/security • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-42845 – Invesalius 3.1 Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-42845
An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file. • https://github.com/invesalius/invesalius3 https://github.com/invesalius/invesalius3/releases https://github.com/partywavesec/invesalius3_vulnerabilities/tree/main/CVE-2024-42845 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-38210 – Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38210
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38210 • CWE-125: Out-of-bounds Read •
CVE-2024-38209 – Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38209
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38209 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •