CVE-2024-45847
https://notcve.org/view.php?id=CVE-2024-45847
An arbitrary code execution vulnerability exists in versions 23.11.4.2 up to 24.7.4.1 of the MindsDB platform, when one of several integrations is installed on the server. • https://hiddenlayer.com/sai-security-advisory/2024-09-mindsdb • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
CVE-2024-45846
https://notcve.org/view.php?id=CVE-2024-45846
An arbitrary code execution vulnerability exists in versions 23.10.3.0 up to 24.7.4.1 of the MindsDB platform, when the Weaviate integration is installed on the server. • https://hiddenlayer.com/sai-security-advisory/2024-09-mindsdb • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
CVE-2024-27321
https://notcve.org/view.php?id=CVE-2024-27321
An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its multilabel classification tasks handle provided CSV files. • https://hiddenlayer.com/sai-security-advisory/2024-09-autolabel • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
CVE-2024-27320
https://notcve.org/view.php?id=CVE-2024-27320
An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its classification tasks handle provided CSV files. • https://hiddenlayer.com/sai-security-advisory/2024-09-autolabel • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
CVE-2024-31336
https://notcve.org/view.php?id=CVE-2024-31336
In PVRSRVBridgeRGXKickTA3D2 of server_rgxta3d_bridge.c, there is a possible arbitrary code execution due to improper input validation. • https://source.android.com/security/bulletin/2024-09-01 • CWE-787: Out-of-bounds Write •