CVE-2024-31003
https://notcve.org/view.php?id=CVE-2024-31003
A buffer overflow vulnerability in Bento4 v.1.6.0-641 allows a remote attacker to execute arbitrary code via AP4_MemoryByteStream::WritePartial in Ap4ByteStream.cpp. • https://github.com/axiomatic-systems/Bento4/issues/939 https://github.com/zhangteng0526/CVE-information/blob/main/CVE-2024-31003 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-31002
https://notcve.org/view.php?id=CVE-2024-31002
A buffer overflow vulnerability in Bento4 v.1.6.0-641 allows a remote attacker to execute arbitrary code via AP4_BitReader::ReadCache() in Ap4Utils.cpp. • https://github.com/axiomatic-systems/Bento4/issues/939 https://github.com/zhangteng0526/CVE-information/blob/main/CVE-2024-31002 • CWE-787: Out-of-bounds Write •
CVE-2024-21473 – Improper Input Validation in WIN SON
https://notcve.org/view.php?id=CVE-2024-21473
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple Qualcomm chipsets. ... An attacker can leverage this vulnerability to execute code in the context of root. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-20: Improper Input Validation •
CVE-2024-24724 – Gibbon LMS v26.0.00 - SSTI vulnerability
https://notcve.org/view.php?id=CVE-2024-24724
Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSettings.php Server Side Template Injection leading to Remote Code Execution because input is passed to the Twig template engine (messengerSettings.php) without sanitization. ... Gibbon version 26.0.00 suffers from a server-side template injection vulnerability that allows for remote code execution. • https://www.exploit-db.com/exploits/51962 https://gibbonedu.org/download https://packetstormsecurity.com/files/177857 • CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •
CVE-2024-20039
https://notcve.org/view.php?id=CVE-2024-20039
This could lead to remote code execution with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/April-2024 • CWE-787: Out-of-bounds Write •