CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 1NotCVE-2023-0003 – RSA signature verification bypass via Arbitrary Code Execution in Sansa Connect bootloader
https://notcve.org/view.php?id=NotCVE-2023-0003
Attacker can supply image that combined with specific MPI length leads to Arbitrary Code Execution via overwritten return address on stack. • https://github.com/desowin/zsitool/blob/master/exploit.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0NotCVE-2023-0001 – Secure Boot Bypass in MSM8916/APQ8016 Mobile SoC
https://notcve.org/view.php?id=NotCVE-2023-0001
A physical attacker may leverage improper protection against voltage glitching in Qualcomm’s Secure Boot implementation in chipsets MSM8916 and APQ8016 to execute arbitrary code in the device due to a badly secured hash value check. • https://cyberintel.es/cve/notCVE-2023-0001/ • CWE-1247: Improper Protection Against Voltage and Clock Glitches •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11034 – Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation <= 1.4 - Unauthenticated Arbitrary Shortcode Execution via fire_contact_form
https://notcve.org/view.php?id=CVE-2024-11034
The The Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation plugin for WordPress is vulnerable to arbitrary shortcode execution via fire_contact_form AJAX action in all versions up to, and including, 1.4. ... This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. • https://plugins.trac.wordpress.org/browser/get-a-quote-button-for-woocommerce/tags/1.3.9/includes/class-ajax.php#L31 https://plugins.trac.wordpress.org/changeset/3195227 https://wordpress.org/plugins/get-a-quote-button-for-woocommerce/#developers https://www.wordfence.com/threat-intel/vulnerabilities/id/3ccd3504-5663-48cd-90bc-502c2ce232f7?source=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9942 – WPGYM <= 67.1.0 - Unauthenticated Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-9942
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the MJ_gmgt_user_avatar_image_upload() function in all versions up to, and including, 67.1.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://codecanyon.net/item/-wpgym-wordpress-gym-management-system/13352964 https://www.wordfence.com/threat-intel/vulnerabilities/id/bae5f22d-5085-4230-a7fc-5db85aa6fbdb?source=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-10220 – Arbitrary command execution through gitRepo volume
https://notcve.org/view.php?id=CVE-2024-10220
The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2. • https://github.com/kubernetes/kubernetes/issues/128885 https://groups.google.com/g/kubernetes-security-announce/c/ptNgV5Necko http://www.openwall.com/lists/oss-security/2024/11/20/1 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •