Page 21 of 47256 results (0.267 seconds)

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

Luxion KeyShot JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. ... An attacker can leverage this vulnerability to execute code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://download.keyshot.com/cert/ksa-655925/ksa-655925.pdf?version=1.0&_gl=1*1vzfrlf*_gcl_au*MTIxNTA2Njg4MS4xNzMxNTMwMjIx https://www.zerodayinitiative.com/advisories/ZDI-24-1612 • CWE-125: Out-of-bounds Read •

CVSS: 4.8EPSS: 0%CPEs: -EXPL: 0

This allows an attacker to inject and execute arbitrary JavaScript code in the context of the victim's browser when a crafted vCard (VCF) file is processed and printed. • https://wiki.zimbra.com/wiki/Security_Center https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.1#Security_Fixes https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.9#Security_Fixes https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P41#Security_Fixes • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: -EPSS: 0%CPEs: -EXPL: 0

An issue in alist-tvbox v1.7.1 allows a remote attacker to execute arbitrary code via the /atv-cli file. • https://github.com/6pc1/BugHub/blob/main/alist-tvbox%20command%20execution%20vulnerability.pdf •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://helpx.adobe.com/security/products/indesign/apsb24-91.html • CWE-125: Out-of-bounds Read •

CVSS: -EPSS: 0%CPEs: -EXPL: 0

An arbitrary file upload vulnerability in ModbusMechanic v3.0 allows attackers to execute arbitrary code via uploading a crafted .xml file. • http://modbusmechanic.com https://github.com/Gelcon/PoC-ModbusMechanic-3.0-Insecure-Deserialization-and-RCE