CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52408 – WordPress Push Notifications for WordPress by PushAssist plugin <= 3.0.8 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-52408
The Push Notifications for WordPress by PushAssist plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 3.0.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/push-notification-for-wp-by-pushassist/wordpress-push-notifications-for-wordpress-by-pushassist-plugin-3-0-8-arbitrary-file-upload-vulnerability? • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49509 – InDesign Desktop | Heap-based Buffer Overflow (CWE-122)
https://notcve.org/view.php?id=CVE-2024-49509
InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb24-88.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49507 – InDesign Desktop | Heap-based Buffer Overflow (CWE-122)
https://notcve.org/view.php?id=CVE-2024-49507
InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. ... InDesign Desktop versions ID18.5.2, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb24-88.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49508 – InDesign Desktop | Heap-based Buffer Overflow (CWE-122)
https://notcve.org/view.php?id=CVE-2024-49508
InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. ... InDesign Desktop versions ID18.5.2, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb24-88.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49525 – Substance3D - Painter | Heap-based Buffer Overflow (CWE-122)
https://notcve.org/view.php?id=CVE-2024-49525
Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/substance3d_painter/apsb24-86.html • CWE-122: Heap-based Buffer Overflow •