Page 23 of 35227 results (0.051 seconds)

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted X_B or SAT file. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. • https://www.3ds.com/vulnerability/advisories • CWE-122: Heap-based Buffer Overflow CWE-457: Use of Uninitialized Variable •

CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0

A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Deep Security Agent. • https://success.trendmicro.com/en-US/solution/KA-0018154 https://www.zerodayinitiative.com/advisories/ZDI-24-1516 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

A remote code execution (RCE) vulnerability in the component /inventory/doCptimpoptInventory of Weaver Ecology v9.* allows attackers to execute arbitrary code via injecting a crafted payload into the name of an uploaded file. • https://gist.github.com/CoinIsMoney/5dd555805e8f974630ced8a1df8182f1 https://github.com/stuven1989/TemporaryGuild/blob/main/guild2.md • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

File Upload vulnerability in Xi'an Daxi Information technology OfficeWeb365 v.8.6.1.0 and v7.18.23.0 allows a remote attacker to execute arbitrary code via the pw/savedraw component. • https://avd.aliyun.com/detail?id=AVD-2023-1678930 https://github.com/PeiQi0/PeiQi-WIKI-Book/blob/32024c5dbb7ff60fa7347cccf6ebb3763a513e7a/docs/wiki/webapp/OfficeWeb365/OfficeWeb365%20SaveDraw%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E.md?plain=1#L24 https://github.com/Threekiii/Vulnerability-Wiki/blob/master/docs-base/docs/webapp/OfficeWeb365-SaveDraw-%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E.md https:/&# • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. • https://www.zerodayinitiative.com/advisories/ZDI-24-1513 • CWE-502: Deserialization of Untrusted Data •