CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-52770
https://notcve.org/view.php?id=CVE-2024-52770
An arbitrary file upload vulnerability in the component /admin/file_manage_control of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file. • https://co-a1natas.feishu.cn/docx/Zsd9dnGUvoBW6tx0G5fcVx6vnBb https://github.com/DedeBIZ/DedeV6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-44308 – Apple Multiple Products Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-44308
Processing maliciously crafted web content may lead to arbitrary code execution. ... Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web content that may lead to arbitrary code execution. • https://support.apple.com/en-us/121752 https://support.apple.com/en-us/121753 https://support.apple.com/en-us/121754 https://support.apple.com/en-us/121755 https://support.apple.com/en-us/121756 •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-44307
https://notcve.org/view.php?id=CVE-2024-44307
An app may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/120911 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-44306
https://notcve.org/view.php?id=CVE-2024-44306
An app may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/120911 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-9433
https://notcve.org/view.php?id=CVE-2018-9433
This could lead to remote code execution with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-07-01 • CWE-116: Improper Encoding or Escaping of Output •