CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9419 – Certain HP Print Products–Potential Remote Code Execution and/or Elevation of Privilege with the HP Smart Universal Printing Driver
https://notcve.org/view.php?id=CVE-2024-9419
Client / Server PCs with the HP Smart Universal Printing Driver installed are potentially vulnerable to Remote Code Execution and/or Elevation of Privilege. A client using the HP Smart Universal Printing Driver that sends a print job comprised of a malicious XPS file could potentially lead to Remote Code Execution and/or Elevation of Privilege on the PC. • https://support.hp.com/us-en/document/ish_11505949-11505972-16 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10392 – AI Power: Complete AI Pack <= 1.8.89 - Unauthenticated Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-10392
This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://plugins.trac.wordpress.org/changeset/3176122/gpt3-ai-content-generator#file508 https://www.wordfence.com/threat-intel/vulnerabilities/id/cd8a45c9-ca48-4ea6-b34e-f05206f16155?source=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-9632 – Xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability
https://notcve.org/view.php?id=CVE-2024-9632
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of XkbSetCompatMap requests. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://access.redhat.com/security/cve/CVE-2024-9632 https://bugzilla.redhat.com/show_bug.cgi?id=2317233 https://access.redhat.com/errata/RHSA-2024:10090 https://access.redhat.com/errata/RHSA-2024:8798 https://access.redhat.com/errata/RHSA-2024:9540 https://access.redhat.com/errata/RHSA-2024:9579 https://access.redhat.com/errata/RHSA-2024:9601 https://access.redhat.com/errata/RHSA-2024:9690 https://access.redhat.com/errata/RHSA-2024:9816 https://access.redhat.com/e • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-50525 – WordPress Helloprint plugin <= 2.0.2 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-50525
This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/helloprint/wordpress-helloprint-plugin-2-0-2-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-50526 – WordPress Multi Purpose Mail Form plugin <= 1.0.2 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-50526
This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://github.com/hatvix1/CVE-2024-50526-Private-POC https://patchstack.com/database/vulnerability/multi-purpose-mail-form/wordpress-multi-purpose-mail-form-plugin-1-0-2-arbitrary-file-upload-vulnerability-2?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •