Page 110 of 38510 results (0.064 seconds)

CVSS: 7.8EPSS: %CPEs: -EXPL: 0

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •

CVSS: 6.6EPSS: 0%CPEs: -EXPL: 0

Snipe-IT before 7.0.10 allows remote code execution (associated with cookie serialization) when an attacker knows the APP_KEY. • https://github.com/snipe/snipe-it/releases/tag/v7.0.10 •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 1

SQL Injection vulnerability in OpenHIS v.1.0 allows an attacker to execute arbitrary code via the refund function in the PayController.class.php component. • https://github.com/KamenRiderDarker/CVE-2024-46532 http://openhis.com https://github.com/1638824607/OpenHIS?tab=readme-ov-file https://github.com/KamenRiderDarker/CVE-2024-46532/tree/main/README.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

An issue in sbondCo Watcharr v.1.43.0 allows a remote attacker to execute arbitrary code and escalate privileges via the Change Password function. • https://github.com/sbondCo/Watcharr https://github.com/sbondCo/Watcharr/releases/tag/v1.43.0 https://github.com/yamerooo123/CVE/blob/main/CVE-2024-48827/Description.md • CWE-613: Insufficient Session Expiration •

CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0

An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-284-21 • CWE-457: Use of Uninitialized Variable •