CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5602 – Stack-based Buffer Overflow Vulnerability in NI I/O Trace Tool
https://notcve.org/view.php?id=CVE-2024-5602
A stack-based buffer overflow vulnerability due to a missing bounds check in the NI I/O Trace Tool may result in arbitrary code execution. ... A stack-based buffer overflow vulnerability due to a missing bounds check in the NI I/O Trace Tool may result in arbitrary code execution. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/stack-based-buffer-overflow-vulnerability-in-ni-io-trace-tool.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-26020
https://notcve.org/view.php?id=CVE-2024-26020
A specially crafted flashcard can lead to a arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1993 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-21552
https://notcve.org/view.php?id=CVE-2024-21552
All versions of `SuperAGI` are vulnerable to Arbitrary Code Execution due to unsafe use of the ‘eval’ function. An attacker could induce the LLM output to exploit this vulnerability and gain arbitrary code execution on the SuperAGI application server. • https://github.com/TransformerOptimus/SuperAGI/blob/9361f0491716e56bd0c0ae2f3b49da201a18c58c/superagi/agent/output_handler.py#L149 https://github.com/TransformerOptimus/SuperAGI/blob/9361f0491716e56bd0c0ae2f3b49da201a18c58c/superagi/agent/output_handler.py#L180 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-38944
https://notcve.org/view.php?id=CVE-2024-38944
An issue in Intelight X-1L Traffic controller Maxtime v.1.9.6 allows a remote attacker to execute arbitrary code via the /cgi-bin/generateForm.cgi?formID=142 component. Un problema en Intelight X-1L Traffic controller Maxtime v.1.9.6 permite a un atacante remoto ejecutar código arbitrario a través del componente /cgi-bin/generateForm.cgi?formID=142. • https://gist.github.com/LemonSec/6aaea8320187a38e1a398fa321f12303 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 1CVE-2024-6950 – import code injection
https://notcve.org/view.php?id=CVE-2024-6950
The manipulation of the argument file leads to code injection. ... Durch das Beeinflussen des Arguments file mit unbekannten Daten kann eine code injection-Schwachstelle ausgenutzt werden. • https://gist.github.com/J1rrY-learn/c5818d700476c4debcf8a334a5c9c243 https://vuldb.com/?ctiid.272072 https://vuldb.com/?id.272072 https://vuldb.com/?submit.375244 • CWE-94: Improper Control of Generation of Code ('Code Injection') •