CVSS: 6.8EPSS: 0%CPEs: 24EXPL: 0CVE-2024-26252 – Windows rndismp6.sys Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-26252
Windows rndismp6.sys Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código en Windows rndismp6.sys • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26252 • CWE-822: Untrusted Pointer Dereference •
CVSS: 7.3EPSS: 0%CPEs: 18EXPL: 0CVE-2024-21409 – .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-21409
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código en .NET, .NET Framework y Visual Studio • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21409 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31864 – Apache Zeppelin: Remote code execution by adding malicious JDBC connection string
https://notcve.org/view.php?id=CVE-2024-31864
Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Zeppelin. The attacker can inject sensitive configuration or malicious code when connecting MySQL database via JDBC driver. This issue affects Apache Zeppelin: before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes the issue. • http://www.openwall.com/lists/oss-security/2024/04/09/8 https://github.com/apache/zeppelin/pull/4709 https://lists.apache.org/thread/752qdk0rnkd9nqtornz734zwb7xdwcdb https://www.cve.org/CVERecord?id=CVE-2020-11974 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.7EPSS: 0%CPEs: 4EXPL: 0CVE-2023-48784
https://notcve.org/view.php?id=CVE-2023-48784
A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.1 and below, version 7.2.7 and below, 7.0 all versions, 6.4 all versions command line interface may allow a local privileged attacker with super-admin profile and CLI access to execute arbitrary code or commands via specially crafted requests. • https://fortiguard.com/psirt/FG-IR-23-413 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0CVE-2023-49913
https://notcve.org/view.php?id=CVE-2023-49913
A specially crafted series of HTTP requests can lead to remote code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •