CVE-2024-3120 – Stack-Buffer Overflow in 'Content-Length' and 'Warning' Header Processing in sngrep
https://notcve.org/view.php?id=CVE-2024-3120
This vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via crafted SIP messages. • https://github.com/irontec/sngrep/pull/480/commits/f229a5d31b0be6a6cc3ab4cd9bfa4a1b5c5714c6 https://github.com/irontec/sngrep/releases/tag/v1.8.1 https://pentraze.com/vulnerability-reports • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-3119 – Stack-Buffer Overflow in 'Call-ID' and 'X-Call-ID' SIP Header Processing in sngrep
https://notcve.org/view.php?id=CVE-2024-3119
This flaw allows remote attackers to execute arbitrary code or cause a denial of service (DoS) through specially crafted SIP messages. • https://github.com/irontec/sngrep/pull/480/commits/73c15c82d14c69df311e05fa75da734faafd365f https://github.com/irontec/sngrep/releases/tag/v1.8.1 https://pentraze.com/vulnerability-reports • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-25115 – RedisBloom heap buffer overflow in CF.LOADCHUNK command
https://notcve.org/view.php?id=CVE-2024-25115
Starting in version 2.0.0 and prior to versions 2.4.7 and 2.6.10, specially crafted `CF.LOADCHUNK` commands may be used by authenticated users to trigger a heap overflow, which may lead to remote code execution. • https://github.com/RedisBloom/RedisBloom/commit/2f3b38394515fc6c9b130679bcd2435a796a49ad https://github.com/RedisBloom/RedisBloom/security/advisories/GHSA-w583-p2wh-4vj5 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow
CVE-2024-22423 – yt-dlp `--exec` command injection when using `%q` in yt-dlp on Windows
https://notcve.org/view.php?id=CVE-2024-22423
The patch that addressed CVE-2023-40581 attempted to prevent RCE when using `--exec` with `%q` by replacing double quotes with two double quotes. ... • https://github.com/yt-dlp/yt-dlp/commit/de015e930747165dbb8fcd360f8775fd973b7d6e https://github.com/yt-dlp/yt-dlp/commit/ff07792676f404ffff6ee61b5638c9dc1a33a37a https://github.com/yt-dlp/yt-dlp/releases/tag/2021.04.11 https://github.com/yt-dlp/yt-dlp/releases/tag/2024.04.09 https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-42h4-v29r-42qg https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-hjq6-52gw-2g7p https://www.kb.cert.org/vuls/id/123335 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-29985 – Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-29985
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29985 • CWE-122: Heap-based Buffer Overflow