CVE-2024-4079 – Out of Bounds Read Due to Missing Bounds Check in LabVIEW
https://notcve.org/view.php?id=CVE-2024-4079
An out of bounds read due to a missing bounds check in LabVIEW may disclose information or result in arbitrary code execution. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-read-due-to-missing-bounds-check-in-labview.html • CWE-125: Out-of-bounds Read •
CVE-2024-5602 – Stack-based Buffer Overflow Vulnerability in NI I/O Trace Tool
https://notcve.org/view.php?id=CVE-2024-5602
A stack-based buffer overflow vulnerability due to a missing bounds check in the NI I/O Trace Tool may result in arbitrary code execution. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/stack-based-buffer-overflow-vulnerability-in-ni-io-trace-tool.html • CWE-121: Stack-based Buffer Overflow •
CVE-2024-26020
https://notcve.org/view.php?id=CVE-2024-26020
A specially crafted flashcard can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1993 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVE-2024-21552
https://notcve.org/view.php?id=CVE-2024-21552
All versions of `SuperAGI` are vulnerable to Arbitrary Code Execution due to unsafe use of the ‘eval’ function. An attacker could induce the LLM output to exploit this vulnerability and gain arbitrary code execution on the SuperAGI application server. • https://github.com/TransformerOptimus/SuperAGI/blob/9361f0491716e56bd0c0ae2f3b49da201a18c58c/superagi/agent/output_handler.py#L149 https://github.com/TransformerOptimus/SuperAGI/blob/9361f0491716e56bd0c0ae2f3b49da201a18c58c/superagi/agent/output_handler.py#L180 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-38944
https://notcve.org/view.php?id=CVE-2024-38944
An issue in Intelight X-1L Traffic controller Maxtime v.1.9.6 allows a remote attacker to execute arbitrary code via the /cgi-bin/generateForm.cgi?formID=142 component. • https://gist.github.com/LemonSec/6aaea8320187a38e1a398fa321f12303 • CWE-94: Improper Control of Generation of Code ('Code Injection') •