Page 124 of 47057 results (0.098 seconds)

CVSS: 3.3EPSS: %CPEs: -EXPL: 0

An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. •

CVSS: 3.3EPSS: %CPEs: -EXPL: 0

An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. •

CVSS: 7.8EPSS: %CPEs: -EXPL: 0

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •

CVSS: 7.8EPSS: %CPEs: -EXPL: 0

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack. ... An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Secure Mobile Access service. By creating a symbolic link, an attacker can abuse the service to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •