CVE-2024-42757
https://notcve.org/view.php?id=CVE-2024-42757
Command injection vulnerability in Asus RT-N15U 3.0.0.4.376_3754 allows a remote attacker to execute arbitrary code via the netstat function page. • https://github.com/Nop3z/CVE/blob/main/Asus/FW_RT_N15U_30043763754/FW_RT_N15U_30043763754%20RCE.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2024-43368 – Trix has a Cross-Site Scripting (XSS) vulnerability on copy & paste
https://notcve.org/view.php?id=CVE-2024-43368
The Trix editor, versions prior to 2.1.4, is vulnerable to XSS when pasting malicious code. ... An attacker could trick a user to copy and paste malicious code that would execute arbitrary JavaScript code within the context of the user's session, potentially leading to unauthorized actions being performed or sensitive information being disclosed. • https://github.com/basecamp/trix/commit/7656f578af0d03141a72a9d27cb3692e6947dae6 https://github.com/basecamp/trix/pull/1149 https://github.com/basecamp/trix/pull/1156 https://github.com/basecamp/trix/releases/tag/v2.1.4 https://github.com/basecamp/trix/security/advisories/GHSA-qjqp-xr96-cj99 https://github.com/basecamp/trix/security/advisories/GHSA-qm2q-9f3q-2vcv • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-39391 – Adobe Indesign XLS File Parsing Out Of Bound Write Remote Code execution vulnerability
https://notcve.org/view.php?id=CVE-2024-39391
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-787: Out-of-bounds Write •
CVE-2024-41853 – Indesign 2024 EPS File Parsing Heap Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-41853
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-122: Heap-based Buffer Overflow •
CVE-2024-39393 – Adobe Indesign 2024 PCT File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-39393
An attacker could leverage this vulnerability to execute code in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-125: Out-of-bounds Read •