CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0NotCVE-2023-0001 – Secure Boot Bypass in MSM8916/APQ8016 Mobile SoC
https://notcve.org/view.php?id=NotCVE-2023-0001
A physical attacker may leverage improper protection against voltage glitching in Qualcomm’s Secure Boot implementation in chipsets MSM8916 and APQ8016 to execute arbitrary code in the device due to a badly secured hash value check. • https://cyberintel.es/cve/notCVE-2023-0001/ • CWE-1247: Improper Protection Against Voltage and Clock Glitches •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-46946
https://notcve.org/view.php?id=CVE-2024-46946
langchain_experimental (aka LangChain Experimental) 0.1.17 through 0.3.0 for LangChain allows attackers to execute arbitrary code through sympy.sympify (which uses eval) in LLMSymbolicMathChain. • https://cwe.mitre.org/data/definitions/95.html https://docs.sympy.org/latest/modules/codegen.html https://gist.github.com/12end/68c0c58d2564ef4141bccd4651480820#file-cve-2024-46946-txt https://github.com/langchain-ai/langchain/releases/tag/langchain-experimental%3D%3D0.3.0 •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46986 – Arbitrary file write leading to RCE in Camaleon CMS
https://notcve.org/view.php?id=CVE-2024-46986
This can lead to a delayed remote code execution in case an attacker is able to write a Ruby file into the config/initializers/ subfolder of the Ruby on Rails application. • https://codeql.github.com/codeql-query-help/ruby/rb-path-injection https://github.com/owen2345/camaleon-cms/security/advisories/GHSA-wmjg-vqhv-q5p5 https://owasp.org/www-community/attacks/Path_Traversal https://www.reddit.com/r/rails/comments/1exwtdm/camaleon_cms_281_has_been_released • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-34026
https://notcve.org/view.php?id=CVE-2024-34026
A specially crafted EtherNet/IP request can lead to remote code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-2005 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45679
https://notcve.org/view.php?id=CVE-2024-45679
Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.3 allows a local attacker to execute arbitrary code by importing a specially crafted file into the product. • https://github.com/assimp/assimp/releases/tag/v5.4.3 https://jvn.jp/en/jp/JVN42386607 • CWE-122: Heap-based Buffer Overflow •