CVSS: 10.0EPSS: 0%CPEs: 17EXPL: 0CVE-2024-49086 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-49086
10 Dec 2024 — Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49086 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 17EXPL: 0CVE-2024-49085 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-49085
10 Dec 2024 — Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49085 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-49070 – Microsoft SharePoint Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-49070
10 Dec 2024 — Microsoft SharePoint Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49070 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-49069 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-49069
10 Dec 2024 — Microsoft Excel Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49069 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-54152 – Angular Expressions - Remote Code Execution when using locals
https://notcve.org/view.php?id=CVE-2024-54152
10 Dec 2024 — Prior to version 1.4.3, an attacker can write a malicious expression that escapes the sandbox to execute arbitrary code on the system. With a more complex (undisclosed) payload, one can get full access to Arbitrary code execution on the system. • https://github.com/math-x-io/CVE-2024-54152-poc • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53242 – Siemens Tecnomatix Plant Simulation WRL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-53242
10 Dec 2024 — This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-25206) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://cert-portal.siemens.com/productcert/html/ssa-583523.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53041 – Siemens Tecnomatix Plant Simulation WRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-53041
10 Dec 2024 — This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-25000) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://cert-portal.siemens.com/productcert/html/ssa-583523.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.4EPSS: 0%CPEs: 40EXPL: 0CVE-2024-49849
https://notcve.org/view.php?id=CVE-2024-49849
10 Dec 2024 — This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. • https://cert-portal.siemens.com/productcert/html/ssa-800126.html • CWE-502: Deserialization of Untrusted Data •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2024-37143
https://notcve.org/view.php?id=CVE-2024-37143
10 Dec 2024 — An unauthenticated attacker with remote access could potentially exploit this vulnerability to execute arbitrary code on the system. • https://www.dell.com/support/kbdoc/en-us/000258342/dsa-2024-405-security-update-for-dell-products-for-multiple-vulnerabilities • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-50930
https://notcve.org/view.php?id=CVE-2024-50930
10 Dec 2024 — An issue in Silicon Labs Z-Wave Series 500 v6.84.0 allows attackers to execute arbitrary code. • https://github.com/CNK2100/2024-CVE/blob/main/README.md • CWE-281: Improper Preservation of Permissions •