NotCVE-2023-0003 – RSA signature verification bypass via Arbitrary Code Execution in Sansa Connect bootloader
https://notcve.org/view.php?id=NotCVE-2023-0003
Attacker can supply image that combined with specific MPI length leads to Arbitrary Code Execution via overwritten return address on stack. • https://github.com/desowin/zsitool/blob/master/exploit.md • CWE-121: Stack-based Buffer Overflow •
CVE-2024-10073 – flairNLP flair Mode File Loader clustering.py ClusteringModel code injection
https://notcve.org/view.php?id=CVE-2024-10073
The manipulation leads to code injection. ... Mit der Manipulation mit unbekannten Daten kann eine code injection-Schwachstelle ausgenutzt werden. • https://vuldb.com/?id.280722 https://vuldb.com/?ctiid.280722 https://vuldb.com/?submit.420055 https://github.com/bayuncao/vul-cve-20 https://github.com/bayuncao/vul-cve-20/blob/main/PoC.py • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-45766
https://notcve.org/view.php?id=CVE-2024-45766
Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Control of Generation of Code ('Code Injection') vulnerability. • https://www.dell.com/support/kbdoc/en-us/000237300/dsa-2024-426-security-update-for-dell-openmanage-enterprise-vulnerabilities • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2023-32266 – Code injection vulnerability found in OpenText Application Lifecycle Management (ALM),Quality Center.
https://notcve.org/view.php?id=CVE-2023-32266
Untrusted Search Path vulnerability in OpenText™ Application Lifecycle Management (ALM),Quality Center allows Code Inclusion. The vulnerability allows a user to archive a malicious DLLs on the system prior to the installation. This issue affects Application Lifecycle Management (ALM),Quality Center: 15.00, 15.01, 15.01 P1, 15.01 P2, 15.01 P3, 15.01 P4, 15.01 P5, 15.51, 15.51 P1, 15.51 P2, 15.51 P3, 16.00, 16.01 P1. La vulnerabilidad de ruta de búsqueda no confiable en OpenText™ Application Lifecycle Management (ALM),Quality Center permite la inclusión de código. La vulnerabilidad permite a un usuario archivar archivos DLL maliciosos en el sistema antes de la instalación. • https://portal.microfocus.com/s/article/KM000024386?language=en_US • CWE-426: Untrusted Search Path •
CVE-2024-49260 – WordPress Limb Gallery plugin <= 1.5.7 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-49260
Unrestricted Upload of File with Dangerous Type vulnerability in Limb WordPress Gallery Plugin – Limb Image Gallery allows Code Injection.This issue affects WordPress Gallery Plugin – Limb Image Gallery: from n/a through 1.5.7. Vulnerabilidad de carga sin restricciones de archivos con tipo peligroso en el complemento Limb WordPress Gallery: Limb Image Gallery permite la inyección de código. Este problema afecta al complemento Limb WordPress Gallery: desde n/a hasta 1.5.7. • https://patchstack.com/database/vulnerability/limb-gallery/wordpress-limb-gallery-plugin-1-5-7-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •