Page 110 of 35163 results (0.137 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Microsoft Excel Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43504 • CWE-416: Use After Free •

CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0

.NET and Visual Studio Remote Code Execution Vulnerability A flaw was found in dotnet. When closing an HTTP/3 stream while application code is writing to the response body, a race condition can cause a use-after-free. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38229 https://access.redhat.com/security/cve/CVE-2024-38229 https://bugzilla.redhat.com/show_bug.cgi?id=2316161 • CWE-416: Use After Free •

CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0

Azure Service Fabric for Linux Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43480 • CWE-122: Heap-based Buffer Overflow •

CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38261 • CWE-20: Improper Input Validation CWE-122: Heap-based Buffer Overflow CWE-126: Buffer Over-read •

CVSS: 7.2EPSS: 4%CPEs: -EXPL: 0

An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •