CVE-2024-50307

MEDIUM Year: 2024
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-676
View all →

Vulnerability Description

Use of potentially dangerous function issue exists in Chatwork Desktop Application (Windows) versions prior to 2.9.2. If a user clicks a specially crafted link in the application, an arbitrary file may be downloaded from an external website and executed. As a result, arbitrary code may be executed on the device that runs Chatwork Desktop Application (Windows).

Related Vulnerabilities

CVE-2024-38434

MEDIUM
CVSS:6.5(Medium)

Unitronics Vision PLC – CWE-676: Use of Potentially Dangerous Function may allow security feature bypass

CWE-6762024

CVE-2024-37387

MEDIUM
CVSS:4.0(Medium)

Use of potentially dangerous function issue exists in Ricoh Streamline NX PC Client. If this vulnerability is exploited, files in the PC where the product is installed may be altered.

CWE-6762024

CVE-2021-27474

HIGH
CVSS:7.5(High)

Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier does not properly restrict all functions relating to IIS remoting services. This vulnerability may allow a remote, unauthenticated attack...

CWE-6762021

CVE-2022-39063

HIGH
CVSS:7.5(High)

When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the f_teid_len from ...

CWE-6762022

CVE-2024-38434

MEDIUM
CVSS:6.5(Medium)

Unitronics Vision PLC – CWE-676: Use of Potentially Dangerous Function may allow security feature bypass

CWE-6762024

CVE-2024-37387

MEDIUM
CVSS:4.0(Medium)

Use of potentially dangerous function issue exists in Ricoh Streamline NX PC Client. If this vulnerability is exploited, files in the PC where the product is installed may be altered.

CWE-6762024