CVSS: -EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12693
https://notcve.org/view.php?id=CVE-2024-12693
Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. • https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html https://issues.chromium.org/issues/382190919 •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-56145 – RCE when PHP `register_argc_argv` config setting is enabled in craftcms/cms
https://notcve.org/view.php?id=CVE-2024-56145
For these users an unspecified remote code execution vector is present. ... For these users an unspecified remote code execution vector is present. • https://github.com/craftcms/cms/commit/82e893fb794d30563da296bca31379c0df0079b3 https://github.com/craftcms/cms/security/advisories/GHSA-2p6p-9rc9-62j9 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-12741 – Deserialization Of Untrusted Data Vulnerability In NI DAAQAExpress Project File
https://notcve.org/view.php?id=CVE-2024-12741
A deserialization of untrusted data vulnerability exists in NI DAQExpress that may result in remote code execution. • https://knowledge.ni.com/KnowledgeArticleDetails?id=kA00Z000000kFD7SAM&l=en-US • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-55952 – Dataease Redshift Data Source JDBC Connection Parameters Not Verified Leads to RCE Vulnerability
https://notcve.org/view.php?id=CVE-2024-55952
Authenticated users can remotely execute code through the backend JDBC connection. • https://github.com/dataease/dataease/commit/0db4872a52eccf6e83dd9359aa05db52dd580ec1 https://github.com/dataease/dataease/security/advisories/GHSA-w8qm-xw38-93qw • CWE-20: Improper Input Validation •
CVSS: 8.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-56051 – WordPress WPLMS plugin < 1.9.9.5 - Student+ Remote Code Execution (RCE) vulnerability
https://notcve.org/view.php?id=CVE-2024-56051
Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS allows Code Injection.This issue affects WPLMS: from n/a before 1.9.9.5. • https://patchstack.com/database/wordpress/plugin/wplms-plugin/vulnerability/wordpress-wplms-plugin-1-9-9-5-student-remote-code-execution-rce-vulnerability?_s_id=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •