Page 171 of 35071 results (0.061 seconds)

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

An issue in Vypor Attack API System v.1.0 allows a remote attacker to execute arbitrary code via the user GET parameter. • https://github.com/Vypor/Vypors-Attack-API-System https://jacobmasse.medium.com/cve-2024-44808-remote-command-execution-in-vypor-ddos-attack-api-1ed073725595 • CWE-20: Improper Input Validation •

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0

The Bit File Manager plugin for WordPress is vulnerable to Remote Code Execution in versions 6.0 to 6.5.5 via the 'checkSyntax' function. • https://plugins.trac.wordpress.org/browser/file-manager/trunk/backend/app/Providers/FileEditValidator.php#L39 https://plugins.trac.wordpress.org/browser/file-manager/trunk/backend/app/Providers/FileEditValidator.php#L88 https://plugins.trac.wordpress.org/changeset/3138710 https://www.wordfence.com/threat-intel/vulnerabilities/id/5f29de7a-3f15-4b6d-aad7-6a08151e2113?source=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

When a 3MF file is loaded in Cura, the value of the drop_to_buildplate property is passed to the Python eval() function without proper sanitization, allowing an attacker to execute arbitrary code by crafting a malicious 3MF file. • https://github.com/Ultimaker/Cura/commit/285a241eb28da3188c977f85d68937c0dad79c50 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

A remote code execution (RCE) vulnerability exists in the Pi Camera project, version 1.0, maintained by RECANTHA. • https://github.com/recantha/camera-pi/blob/ef018d212288cb16404f0b050593d20f0dc0467b/www/tilt.php#L4 https://jacobmasse.medium.com/cve-2024-44809-remote-code-execution-in-raspberry-pi-camera-project-4b8e3486a628 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM. • https://www.schutzwerk.com/blog/schutzwerk-sa-2024-001 https://www.vivavis.com/en/solution/scada-en/high-leit https://www.vivavis.com/en/vivavis-high-leit-rce-vulnerability-cve-2024-38456 • CWE-732: Incorrect Permission Assignment for Critical Resource •