
CVSS: 9.8 | EPSS: 0% | CPEs: - | EXPL: 1

In iTerm2 before 3.5.2, the "Terminal may report window title" setting is not honored, and thus remote code execution might occur but "is not trivially exploitable."

• https://github.com/vin01/poc-cve-2024-38396
• http://www.openwall.com/lists/oss-security/2024/06/17/1
• https://gitlab.com/gnachman/iterm2/-/commit/f1e89f78dd72dcac3ba66d3d6f93db3f7f649219
• https://gitlab.com/gnachman/iterm2/-/tags/v3.5.2
• https://iterm2.com/downloads.html
• https://www.openwall.com/lists/oss-security/2024/06/15/1

• CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 9.8 | EPSS: 0% | CPEs: - | EXPL: 1

An issue was discovered in iTerm2 3.5.x before 3.5.2. Unfiltered use of an escape sequence to report a window title, in combination with the built-in tmux integration feature (enabled by default), allows an attacker to inject arbitrary code into the terminal, a different vulnerability than CVE-2024-38395.

• https://github.com/vin01/poc-cve-2024-38396
• http://www.openwall.com/lists/oss-security/2024/06/17/1
• https://gitlab.com/gnachman/iterm2/-/commit/fc60236a914d63fb70a5c632e211203a4f1bd4dd
• https://iterm2.com/downloads.html
• https://vin01.github.io/piptagole/escape-sequences/iterm2/rce/2024/06/16/iterm2-rce-window-title-tmux-integration.html

• CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 9.1 | EPSS: 0% | CPEs: - | EXPL: 0

htags in GNU Global through 6.6.12 allows code execution in situations where dbpath (aka -d) is untrusted, because shell metacharacters may be used.

• https://cvs.savannah.gnu.org/viewvc/global/global/htags/htags.c?revision=1.236&view=markup
• https://lists.gnu.org/archive/html/bug-global/2024-05/msg00009.html

• CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 8.8 | EPSS: 0% | CPEs: - | EXPL: 0

XenForo before 2.2.16 allows code injection.

• https://xenforo.com/community/threads/xenforo-2-1-15-patch-1-2-2-16-patch-2-and-xenforo-media-gallery-2-1-9-2-2-6-released-includes-security-fixes.222133
• http://seclists.org/fulldisclosure/2024/Jul/12

• CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 9.9 | EPSS: 0% | CPEs: 1 | EXPL: 1

The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.5.0 via the 'insert_php' shortcode. This is due to the plugin not restricting the usage of the functionality to high-level authorized users. This makes it possible for authenticated attackers, with contributor-level access and above, to execute code on the server.

• https://github.com/hunThubSpace/CVE-2024-3105-PoC
• https://plugins.trac.wordpress.org/browser/insert-php/trunk/includes/class.plugin.php#L166
• https://plugins.trac.wordpress.org/browser/insert-php/trunk/includes/shortcodes/shortcode-insert-php.php
• https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3102522%40insert-php&new=3102522%40insert-php&sfp_email=&sfph_mail=
• https://www.wordfence.com/threat-intel/vulnerabilities/id/134ad095-b0a0-4f0f-832d-3e558d4a250a?source=cve

• CWE-94: Improper Control of Generation of Code ('Code Injection')