CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11620 – WordPress Rank Math SEO plugin <= 1.0.231 - Arbitrary .htaccess Overwrite to Remote Code Execution (RCE) vulnerability
https://notcve.org/view.php?id=CVE-2024-11620
22 Nov 2024 — Improper Control of Generation of Code ('Code Injection') vulnerability in Rank Math SEO allows Code Injection.This issue affects Rank Math SEO: from n/a through 1.0.231. ... The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.231. This makes it possible for authenticated attackers, with Administrator-level access and above, to execute coderemote-code-execution-rce-vulnerability?_s_id=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52052 – Stream Target Remote Code Execution in Wowza Streaming Engine
https://notcve.org/view.php?id=CVE-2024-52052
21 Nov 2024 — Wowza Streaming Engine below 4.9.1 permits an authenticated Streaming Engine Manager administrator to define a custom application property and poison a stream target for high-privilege remote code execution. • https://www.rapid7.com/blog/post/2024/11/20/multiple-vulnerabilities-in-wowza-streaming-engine-fixed • CWE-646: Reliance on File Name or Extension of Externally-Supplied File •
CVSS: 6.9EPSS: 2%CPEs: 1EXPL: 2CVE-2024-11320 – Command Injection leading to RCE via LDAP Misconfiguration
https://notcve.org/view.php?id=CVE-2024-11320
21 Nov 2024 — Arbitrary commands execution on the server by exploiting a command injection vulnerability in the LDAP authentication mechanism. • https://packetstorm.news/files/id/183465 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11531 – IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-11531
21 Nov 2024 — IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. ... An attacker can leverage this vulnerability to execute code in the context of the current process. An attacker can leverage... • https://www.zerodayinitiative.com/advisories/ZDI-24-1535 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11524 – IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-11524
21 Nov 2024 — IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. ... An attacker can leverage this vulnerability to execute code in the context of the current process. An attacker can leverage ... • https://www.zerodayinitiative.com/advisories/ZDI-24-1593 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11530 – IrfanView CGM File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-11530
21 Nov 2024 — IrfanView CGM File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. ... An attacker can leverage this vulnerability to execute code in the context of the current process. An attacker can leverage ... • https://www.zerodayinitiative.com/advisories/ZDI-24-1536 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11576 – Luxion KeyShot 3DS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-11576
21 Nov 2024 — Luxion KeyShot 3DS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. ... An attacker can leverage this vulnerability to execute code in the context of the current process. A... • https://download.keyshot.com/cert/ksa-655925/ksa-655925.pdf?version=1.0&_gl=1*1vzfrlf*_gcl_au*MTIxNTA2Njg4MS4xNzMxNTMwMjIx • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11520 – IrfanView ARW File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-11520
21 Nov 2024 — IrfanView ARW File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. ... An attacker can leverage this vulnerability to execute code in the context of the current process. An attacker can leverag... • https://www.zerodayinitiative.com/advisories/ZDI-24-1580 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11527 – IrfanView DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-11527
21 Nov 2024 — IrfanView DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. ... An attacker can leverage this vulnerability to execute code in the context of the current process. An attacker can leverage ... • https://www.zerodayinitiative.com/advisories/ZDI-24-1538 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11536 – IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-11536
21 Nov 2024 — IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. ... An attacker can leverage this vulnerability to execute code in the context of the current process. An attacker can leverage... • https://www.zerodayinitiative.com/advisories/ZDI-24-1583 • CWE-125: Out-of-bounds Read •