
NotCVE-2023-0001 – Secure Boot Bypass in MSM8916/APQ8016 Mobile SoC
https://notcve.org/view.php?id=NotCVE-2023-0001
16 Nov 2023 — A physical attacker may leverage improper protection against voltage glitching in Qualcomm’s Secure Boot implementation in chipsets MSM8916 and APQ8016 to execute arbitrary code in the device due to a badly secured hash value check. • https://cyberintel.es/cve/notCVE-2023-0001/ • CWE-1247: Improper Protection Against Voltage and Clock Glitches •

CVE-2024-13011 – WP Foodbakery <= 4.7 - Unauthenticated Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-13011
10 Feb 2025 — This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVE-2025-1077 – Remote Code Execution vulnerability in IBL Software Engineering Visual Weather and derived products (NAMIS, Aero Weather, Satellite Weather)
https://notcve.org/view.php?id=CVE-2025-1077
07 Feb 2025 — A remote unauthenticated attacker can exploit this vulnerability to send unauthenticated requests to execute the IPDS pipeline with specially crafted Form Properties, enabling remote execution of arbitrary Python code. ... A remote unauthenticated attacker can exploit this vulnerability to send unauthenticated requests to execute the IPDS pipeline with specially crafted Form Properties, enabling remote execution of arbitrary Python code. • https://www.iblsoft.com/security/advisory-isec-2024-001 • CWE-20: Improper Input Validation CWE-502: Deserialization of Untrusted Data •

CVE-2024-7419 – WP All Export Pro <= 1.9.1 - Unauthenticated Remote Code Execution via Custom Export Fields
https://notcve.org/view.php?id=CVE-2024-7419
07 Feb 2025 — The WP ALL Export Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.9.1 via the custom export fields. ... This makes it possible for unauthenticated attackers to inject arbitrary PHP code into form fields that get executed on the server during the export, potentially leading to a complete site compromise. • https://www.wordfence.com/threat-intel/vulnerabilities/id/40b57370-4fd7-4316-9e99-a3f1d34616e8?source=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVE-2024-57357
https://notcve.org/view.php?id=CVE-2024-57357
07 Feb 2025 — An issue in TPLINK TL-WPA 8630 TL-WPA8630(US)_V2_2.0.4 Build 20230427 allows a remote attacker to execute arbitrary code via function sub_4256CC, which allows command injection by injecting 'devpwd'. • https://github.com/c10uds/tplink-wpa8630-rce-vulnerability • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVE-2024-48091
https://notcve.org/view.php?id=CVE-2024-48091
07 Feb 2025 — Tally Prime Edit Log v2.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL. • https://gist.github.com/singhmanpreet493/0f1df7fa4e744a3317877ab85d187937#file-gistfile1-txt • CWE-427: Uncontrolled Search Path Element •

CVE-2024-57707
https://notcve.org/view.php?id=CVE-2024-57707
07 Feb 2025 — An issue in DataEase v1 allows an attacker to execute arbitrary code via the user account and password components. • https://github.com/shigophilo/CVE/blob/main/DataEase-v1-code-execute.md • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVE-2025-21342 – Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21342
06 Feb 2025 — Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21342 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVE-2025-21408 – Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21408
06 Feb 2025 — Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21408 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVE-2025-21283 – Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21283
06 Feb 2025 — Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21283 • CWE-1222: Insufficient Granularity of Address Regions Protected by Register Locks •