Page 15 of 3525 results (0.076 seconds)

CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0

An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote attacker to escalate privileges via a crafted REST Request. • https://github.com/doccano/doccano/releases/tag/v1.8.4 https://github.com/doccano/auto-labeling-pipeline/releases/tag/v0.1.23 https://github.com/gian2dchris/CVEs/tree/main/CVE-2024-40442 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. • https://github.com/centreon/centreon/releases https://thewatch.centreon.com/latest-security-bulletins-64/security-bulletin-for-centreon-web-3809 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. • https://github.com/centreon/centreon/releases https://thewatch.centreon.com/latest-security-bulletins-64/security-bulletin-for-centreon-web-3809 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0

An issue in Pure Data 0.54-0 and fixed in 0.54-1 allows a local attacker to escalate privileges via the set*id () function. • https://puredata.info https://github.com/pure-data/pure-data/issues/2063 https://github.com/pure-data/pure-data/commit/0b5e467b8728b3ed56e1a8ee5b367ce78e7e6e5d • CWE-252: Unchecked Return Value •

CVSS: 7.2EPSS: 1%CPEs: 2EXPL: 0

PTZOptics PT30X-SDI/NDI cameras contain an OS command injection vulnerability that allows a remote, authenticated attacker to escalate privileges to root via a crafted payload with the ntp_addr parameter of the /cgi-bin/param.cgi CGI script. • https://ptzoptics.com/firmware-changelog https://vulncheck.com/advisories/ptzoptics-command-injection • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •