CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-50956
https://notcve.org/view.php?id=CVE-2024-50956
A buffer overflow in the RecvSocketData function of Inovance HCPLC_AM401-CPU1608TPTN 21.38.0.0, HCPLC_AM402-CPU1608TPTN 41.38.0.0, and HCPLC_AM403-CPU1608TN 81.38.0.0 allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted Modbus message. • https://github.com/Curator-Kim/Vulnerability-mining/blob/master/INOVANCE%20AM400%20Series%20Modbus%20buffer%20overflow/INOVANCE%20AM400%20Series%20Modbus%20buffer%20overflow.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49515 – Substance3D - Painter | Untrusted Search Path (CWE-426)
https://notcve.org/view.php?id=CVE-2024-49515
Substance3D - Painter versions 10.1.0 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code. If the application uses a search path to locate critical resources such as programs, then an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. • https://helpx.adobe.com/security/products/substance3d_painter/apsb24-86.html • CWE-426: Untrusted Search Path •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-8069 – Limited remote code execution with privilege of a NetworkService Account access
https://notcve.org/view.php?id=CVE-2024-8069
Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server • https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-502: Deserialization of Untrusted Data •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-49050 – Visual Studio Code Python Extension Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-49050
Visual Studio Code Python Extension Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49050 • CWE-501: Trust Boundary Violation •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49048 – TorchGeo Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-49048
TorchGeo Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49048 • CWE-94: Improper Control of Generation of Code ('Code Injection') •