CVSS: 9.0EPSS: 4%CPEs: 1EXPL: 0CVE-2024-39397 – Adobe Commerce | Unrestricted Upload of File with Dangerous Type (CWE-434)
https://notcve.org/view.php?id=CVE-2024-39397
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker. • https://helpx.adobe.com/security/products/magento/apsb24-61.html • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39402 – Adobe Commerce | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)
https://notcve.org/view.php?id=CVE-2024-39402
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an admin attacker. • https://helpx.adobe.com/security/products/magento/apsb24-61.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41864 – Adobe Substance 3D Designer ICO Parsing Out-Of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2024-41864
Substance3D - Designer versions 13.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/substance3d_designer/apsb24-67.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41858 – Adobe InCopy has an integer overflow vulnerability when parsing SVG file
https://notcve.org/view.php?id=CVE-2024-41858
InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/incopy/apsb24-64.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.3EPSS: 0%CPEs: -EXPL: 0CVE-2023-31349
https://notcve.org/view.php?id=CVE-2023-31349
Incorrect default permissions in the AMD μProf installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-9001 • CWE-276: Incorrect Default Permissions •