CVE-2024-39388 – ZDI-CAN-24055: Adobe Substance 3D Stager SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-39388
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Substance 3D Stager. • https://helpx.adobe.com/security/products/substance3d_stager/apsb24-60.htm • CWE-416: Use After Free •
CVE-2024-41831 – ZDI-CAN-24569: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-41831
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. • https://helpx.adobe.com/security/products/acrobat/apsb24-57.html • CWE-416: Use After Free •
CVE-2024-38169 – Microsoft Office Visio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38169
Microsoft Office Visio Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38169 • CWE-122: Heap-based Buffer Overflow •
CVE-2024-41840 – ZDI-CAN-24607: Adobe Bridge JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-41840
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. • https://helpx.adobe.com/security/products/bridge/apsb24-59.html • CWE-787: Out-of-bounds Write •
CVE-2024-7448 – Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7448
Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. ... This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. • https://docs.magnetforensics.com/docs/axiom/release_notes.html https://www.zerodayinitiative.com/advisories/ZDI-24-1129 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •