CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41858 – Adobe InCopy has an integer overflow vulnerability when parsing SVG file
https://notcve.org/view.php?id=CVE-2024-41858
InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/incopy/apsb24-64.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.3EPSS: 0%CPEs: -EXPL: 0CVE-2023-31349
https://notcve.org/view.php?id=CVE-2023-31349
Incorrect default permissions in the AMD μProf installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-9001 • CWE-276: Incorrect Default Permissions •
CVSS: 7.3EPSS: 0%CPEs: -EXPL: 0CVE-2023-31348
https://notcve.org/view.php?id=CVE-2023-31348
A DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-9001 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2023-20578
https://notcve.org/view.php?id=CVE-2023-20578
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer potentially resulting in arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2022-23815
https://notcve.org/view.php?id=CVE-2022-23815
Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html •