Page 115 of 35163 results (0.057 seconds)

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

This could lead to remote code execution with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/October-2024 • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

This could lead to remote code execution with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/October-2024 • CWE-787: Out-of-bounds Write •

CVSS: 6.6EPSS: 0%CPEs: -EXPL: 0

OnlineNewsSite v1.0 is vulnerable to Cross Site Scripting (XSS) which allows attackers to execute arbitrary code via the Title and summary fields in the /admin/post/edit/ endpoint. • http://TobeReleased.com https://github.com/AslamMahi/CVE-Aslam-Mahi/blob/main/MobinaJafarian-OnlineNewsSite%20v%201.0/CVE-2024-45933.md • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: -EPSS: 0%CPEs: -EXPL: 0

Cross Site Scripting vulnerability in LimeSurvey before 6.5.0+240319 allows a remote attacker to execute arbitrary code via a lack of input validation and output encoding in the Alert Widget's message component. • http://limesurvey.com https://github.com/LimeSurvey/LimeSurvey/commit/c2fd60f94bc1db275f20cbb27a3135a9bdfb7f10 •

CVSS: -EPSS: 0%CPEs: -EXPL: 0

Cross Site Scripting vulnerability in LimeSurvey before 6.5.12+240611 allows a remote attacker to execute arbitrary code via a crafted script to the title and comment fields. • http://limesurvey.com https://github.com/LimeSurvey/LimeSurvey/commit/c844c4fba81cc26ffe6544bf095bad6252910bc0 •