CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49041 – Microsoft Edge (Chromium-based) Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2024-49041
06 Dec 2024 — Microsoft Edge (Chromium-based) Spoofing Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Edge. ... An attacker can leverage this vulnerability to execute code in the context of the current user. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49041 • CWE-449: The UI Performs the Wrong Action •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41648
https://notcve.org/view.php?id=CVE-2024-41648
06 Dec 2024 — Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_regulated_pure_pursuit_controller. • https://github.com/GoesM/ROS-CVE-CNVDs • CWE-281: Improper Preservation of Permissions •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41650
https://notcve.org/view.php?id=CVE-2024-41650
06 Dec 2024 — Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_costmap_2d. • https://github.com/GoesM/ROS-CVE-CNVDs • CWE-281: Improper Preservation of Permissions •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41647
https://notcve.org/view.php?id=CVE-2024-41647
06 Dec 2024 — Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_mppi_controller. • https://github.com/GoesM/ROS-CVE-CNVDs • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-55268
https://notcve.org/view.php?id=CVE-2024-55268
06 Dec 2024 — A Reflected Cross Site Scripting (XSS) vulnerability was found in /covidtms/registered-user-testing.php in PHPGurukul COVID 19 Testing Management System 1.0 which allows remote attackers to execute arbitrary code via the regmobilenumber parameter. • https://github.com/Santoshcyber1/CVE-wirteup/blob/main/Phpgurukul/COVID19/Reflected%20Cross%20Site%20reg.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11944 – iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-11944
06 Dec 2024 — iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of iXsystems TrueNAS devices. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of iXsystems TrueNAS devices. ... An attacker can leverage this in conjunction with other vulnerabilities to e... • https://www.truenas.com/docs/core/13.0/gettingstarted/corereleasenotes/#130-u63 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41646
https://notcve.org/view.php?id=CVE-2024-41646
06 Dec 2024 — Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_dwb_controller. • https://github.com/GoesM/ROS-CVE-CNVDs • CWE-281: Improper Preservation of Permissions •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41649
https://notcve.org/view.php?id=CVE-2024-41649
06 Dec 2024 — Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the executor_thread_. • https://github.com/GoesM/ROS-CVE-CNVDs • CWE-281: Improper Preservation of Permissions •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41645
https://notcve.org/view.php?id=CVE-2024-41645
06 Dec 2024 — Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2__amcl. • https://github.com/GoesM/ROS-CVE-CNVDs • CWE-281: Improper Preservation of Permissions •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41644
https://notcve.org/view.php?id=CVE-2024-41644
06 Dec 2024 — Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via the dyn_param_handler_ component. • https://github.com/GoesM/ROS-CVE-CNVDs • CWE-281: Improper Preservation of Permissions •