Security Vulnerabilities - CVEs Published In October 2024
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS Score
6.5
EPSS Score
0.006
Published
2024-10-17
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS Score
6.5
EPSS Score
0.011
Published
2024-10-17
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS Score
7.6
EPSS Score
0.059
Published
2024-10-17
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS Score
7.6
EPSS Score
0.059
Published
2024-10-17
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVSS Score
5.4
EPSS Score
0.003
Published
2024-10-17
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS Score
7.5
EPSS Score
0.063
Published
2024-10-17
A vulnerability, which was classified as critical, was found in VSO ConvertXtoDvd 7.0.0.83. Affected is an unknown function in the library avcodec.dll of the file ConvertXtoDvd.exe. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-10-17
Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote attacker to obtain sensitive information via the externalId component.
CVSS Score
8.1
EPSS Score
0.128
Published
2024-10-17
MariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.
CVSS Score
9.8
EPSS Score
0.572
Published
2024-10-17
Insecure permissions in the sys_exec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.
CVSS Score
5.6
EPSS Score
0.004
Published
2024-10-17