Page 116 of 8809 results (0.039 seconds)

CVSS: 3.8EPSS: 0%CPEs: 1EXPL: 0

A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the enviroment. • https://github.com/nextcloud/desktop/pull/6378 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4mf7-v63m-99p7 https://hackerone.com/reports/2307625 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

Insecure Deserialization in some workflows of the IPS Manager allows unauthenticated remote attackers to perform arbitrary code execution and access to the vulnerable Trellix IPS Manager. • https://thrive.trellix.com/s/article/000013623 • CWE-502: Deserialization of Untrusted Data •

CVSS: 8.1EPSS: 0%CPEs: -EXPL: 1

An arbitrary file upload vulnerability in Aegon Life v1.0 allows attackers to execute arbitrary code via uploading a crafted image file. Una vulnerabilidad de carga de archivos arbitrarios en Aegon Life v1.0 permite a los atacantes ejecutar código arbitrario cargando un archivo de imagen manipulado. AEGON LIFE version 1.0 suffers from an unauthenticated remote code execution vulnerability. • https://github.com/keruenn/PoC-CVE-2024-36598 https://github.com/kaliankhe/CVE-Aslam-mahi/blob/9ec0572c68bfd3708a7d6e089181024131f4e927/vendors/projectworlds.in/AEGON%20LIFE%20v1.0%20Life%20Insurance%20Management%20System/CVE-2024-36598 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

In dhd_prot_txstatus_process of dhd_msgbuf.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. En dhd_prot_txstatus_process de dhd_msgbuf.c, hay una posible escritura fuera de los límites debido a una verificación de los límites faltante. Esto podría conducir a la ejecución remota de código sin necesidad de privilegios de ejecución adicionales. • https://source.android.com/security/bulletin/pixel/2024-06-01 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.2EPSS: 0%CPEs: 71EXPL: 0

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/magento/apsb24-40.html • CWE-20: Improper Input Validation •