CVE-2024-22423 – yt-dlp `--exec` command injection when using `%q` in yt-dlp on Windows
https://notcve.org/view.php?id=CVE-2024-22423
The patch that addressed CVE-2023-40581 attempted to prevent RCE when using `--exec` with `%q` by replacing double quotes with two double quotes. ... • https://github.com/yt-dlp/yt-dlp/commit/de015e930747165dbb8fcd360f8775fd973b7d6e https://github.com/yt-dlp/yt-dlp/commit/ff07792676f404ffff6ee61b5638c9dc1a33a37a https://github.com/yt-dlp/yt-dlp/releases/tag/2021.04.11 https://github.com/yt-dlp/yt-dlp/releases/tag/2024.04.09 https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-42h4-v29r-42qg https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-hjq6-52gw-2g7p https://www.kb.cert.org/vuls/id/123335 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-29985 – Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-29985
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29985 • CWE-122: Heap-based Buffer Overflow
CVE-2024-29984 – Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-29984
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29984 • CWE-122: Heap-based Buffer Overflow
CVE-2024-29983 – Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-29983
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29983 • CWE-122: Heap-based Buffer Overflow
CVE-2024-29982 – Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-29982
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29982 • CWE-122: Heap-based Buffer Overflow