Page 22 of 35321 results (0.699 seconds)

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0

This could lead to remote arbitrary code execution with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-07-01 • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0

In smp_data_received of smp_l2c.cc, there is a possible out of bounds read followed by code execution due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-07-01 • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 4.2.8 of Sourcetree for Mac and 3.4.19 for Sourcetree for Windows. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.8, allows an unauthenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction. Atlassian recommends that Sourcetree for Mac and Sourcetree for Windows customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: Sourcetree for Mac 4.2: Upgrade to a release greater than or equal to 4.2.9 Sourcetree for Windows 3.4: Upgrade to a release greater than or equal to 3.4.20 See the release notes ([https://www.sourcetreeapp.com/download-archives]). • https://confluence.atlassian.com/pages/viewpage.action?pageId=1456179091 https://jira.atlassian.com/browse/SRCTREE-8168 •

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0

This could lead to remote arbitrary code execution with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-06-01 • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable. • https://github.com/liske/needrestart/commit/b5f25f6ec6e7dd0c5be249e4e45de4ee9ffe594f https://www.cve.org/CVERecord?id=CVE-2024-48992 https://www.qualys.com/2024/11/19/needrestart/needrestart.txt • CWE-427: Uncontrolled Search Path Element •