Page 144 of 35197 results (0.069 seconds)

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 1

SQL Injection vulnerability in todesk v.1.1 allows a remote attacker to execute arbitrary code via the /todesk.com/news.html parameter. • https://github.com/alphandbelt/CVE-2024-44542 https://github.com/alphandbelt/CVE-2024-44542/tree/main • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.1EPSS: 1%CPEs: 2EXPL: 0

The result is a remote and unauthenticated attacker can leak sensitive data such as usernames, password hashes, and configurations details. ... PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference (IDOR) vulnerability that allows a remote, attacker to bypass authentication for the /cgi-bin/param.cgi CGI script. If combined with CVE-2024-8957, this can lead to remote code execution as root. • https://ptzoptics.com/firmware-changelog https://vulncheck.com/advisories/ptzoptics-insufficient-auth • CWE-287: Improper Authentication •

CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0

Authenticated command execution vulnerability exist in the ArubaOS command line interface (CLI). • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04709en_us&docLocale=en_US • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0

Authenticated command injection vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability result in the ability to inject shell commands on the underlying operating system. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04709en_us&docLocale=en_US • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0

Successful exploitation of this vulnerability allows an attacker to install unsigned packages on the underlying operating system, enabling the threat actor to execute arbitrary code or install implants. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04709en_us&docLocale=en_US • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •