CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0CVE-2023-49908
https://notcve.org/view.php?id=CVE-2023-49908
A specially crafted series of HTTP requests can lead to remote code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0CVE-2023-49907
https://notcve.org/view.php?id=CVE-2023-49907
A specially crafted series of HTTP requests can lead to remote code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0CVE-2023-49906
https://notcve.org/view.php?id=CVE-2023-49906
A specially crafted series of HTTP requests can lead to remote code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 1CVE-2024-2224 – Privilege Escalation via the GravityZone productManager UpdateServer.KitsManager API (VA-11466)
https://notcve.org/view.php?id=CVE-2024-2224
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. • https://github.com/SeanPesce/CVE-2024-22243 https://www.bitdefender.com/support/security-advisories/privilege-escalation-via-the-gravityzone-productmanager-updateserver-kitsmanager-api-va-11466 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 1CVE-2024-29988 – Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-29988
SmartScreen Prompt Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la función de seguridad de solicitud de SmartScreen This vulnerability allows remote attackers to bypass the SmartScreen security feature to execute arbitrary code on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to execute code in the context of the current user. ... This vulnerability can be chained with CVE-2023-38831 and CVE-2024-21412 to execute a malicious file. • https://github.com/Sploitus/CVE-2024-29988-exploit https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29988 • CWE-693: Protection Mechanism Failure •