CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-37335 – Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-37335
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37335 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-37338 – Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-37338
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37338 • CWE-125: Out-of-bounds Read •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45595 – D-Tale allows Remote Code Execution through the Query input on Chart Builder
https://notcve.org/view.php?id=CVE-2024-45595
Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. • https://github.com/man-group/dtale#custom-filter https://github.com/man-group/dtale/commit/b6e30969390520d1400b55acbb13e5487b8472e8 https://github.com/man-group/dtale/security/advisories/GHSA-pw44-4h99-wqff • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43799 – send vulnerable to template injection that can lead to XSS
https://notcve.org/view.php?id=CVE-2024-43799
This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function. • https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35 https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg https://access.redhat.com/security/cve/CVE-2024-43799 https://bugzilla.redhat.com/show_bug.cgi?id=2311153 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-33698
https://notcve.org/view.php?id=CVE-2024-33698
This could allow an unauthenticated remote attacker to execute arbitrary code. ... This could allow an unauthenticated remote attacker to execute arbitrary code. • https://cert-portal.siemens.com/productcert/html/ssa-039007.html • CWE-122: Heap-based Buffer Overflow •