CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2024-9766 – Wacom Center WTabletServicePro Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-9766
This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Center. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within WTabletServicePro process. By creating a symbolic link, an attacker can abuse the service to create a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. •
CVSS: 6.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-45184
https://notcve.org/view.php?id=CVE-2024-45184
A USAT out-of-bounds write due to a heap buffer overflow can lead to a Denial of Service. • https://semiconductor.samsung.com/support/quality-support/product-security-updates https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-45184 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-48938
https://notcve.org/view.php?id=CVE-2024-48938
Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows DoS/ReDos via email. • https://www.znuny.com https://www.znuny.org/en/advisories https://www.znuny.org/en/advisories/zsa-2024-04 •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9787 – Contemporary Control System BASrouter BACnet BASRT-B UDP Packet denial of service
https://notcve.org/view.php?id=CVE-2024-9787
The manipulation leads to denial of service. ... Dank der Manipulation mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. • https://vuldb.com/?id.279939 https://vuldb.com/?ctiid.279939 https://vuldb.com/?submit.414499 https://github.com/isZzzz/BASRT-B_BriefDoS_Document/blob/main/report.md • CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-9781 – Improper Handling of Missing Values in Wireshark
https://notcve.org/view.php?id=CVE-2024-9781
AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file • https://www.wireshark.org/security/wnpa-sec-2024-13.html https://gitlab.com/wireshark/wireshark/-/issues/20114 • CWE-230: Improper Handling of Missing Values •