5.7
CVE-2024-7391 - ChargePoint Home Flex Bluetooth Low Energy Information Disclosure Vulnerability
ChargePoint Home Flex Bluetooth Low Energy Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging devices. User interaction is required to exploit this vulnerability. T…
7.8
CVE-2024-7352 - PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit…
7.8
CVE-2024-7253 - NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exp…
7.8
CVE-2024-7245 - Panda Security Dome VPN Incorrect Permission Assignment Local Privilege Escalation Vulnerability
Panda Security Dome VPN Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target…
7.8
CVE-2024-6871 - G DATA Total Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability
G DATA Total Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the target…
8.8
CVE-2024-11394 - Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulner…
Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that…
8.8
CVE-2024-11393 - Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution …
Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability i…
8.8
CVE-2024-11392 - Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulne…
Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in tha…
7.8
CVE-2024-9248 - Foxit PDF Reader PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Foxit PDF Reader PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a m…
7.8
CVE-2024-9250 - Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page…