CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-31004
https://notcve.org/view.php?id=CVE-2024-31004
An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4StsdAtom.cpp,AP4_StsdAtom::AP4_StsdAtom,mp4fragment. • https://github.com/axiomatic-systems/Bento4/issues/941 https://github.com/zhangteng0526/CVE-information/blob/main/CVE-2024-31004 •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-29276
https://notcve.org/view.php?id=CVE-2024-29276
An issue was discovered in seeyonOA version 8, allows remote attackers to execute arbitrary code via the importProcess method in WorkFlowDesignerController.class component. • https://www.cnblogs.com/Rainy-Day/p/18061399 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-31003
https://notcve.org/view.php?id=CVE-2024-31003
Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4_MemoryByteStream::WritePartial at Ap4ByteStream.cpp. • https://github.com/axiomatic-systems/Bento4/issues/939 https://github.com/zhangteng0526/CVE-information/blob/main/CVE-2024-31003 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-31002
https://notcve.org/view.php?id=CVE-2024-31002
Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4 BitReader::ReadCache() at Ap4Utils.cpp component. • https://github.com/axiomatic-systems/Bento4/issues/939 https://github.com/zhangteng0526/CVE-information/blob/main/CVE-2024-31002 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-21473 – Improper Input Validation in WIN SON
https://notcve.org/view.php?id=CVE-2024-21473
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple Qualcomm chipsets. ... An attacker can leverage this vulnerability to execute code in the context of root. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-20: Improper Input Validation •