Page 24 of 42152 results (0.042 seconds)

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

An app may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/121839 https://support.apple.com/en-us/121840 https://support.apple.com/en-us/121842 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware. • https://support.apple.com/en-us/121839 • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware. • https://support.apple.com/en-us/121563 • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

Prior to commit 1d4219c596f4f518798492e48386a20c6e9a2fe6, an attacker can write a malicious docx template containing expressions that escape the JavaScript sandbox to execute arbitrary code on the system. An attacker who can control the contents of the template document is able to execute arbitrary code on the system. • https://github.com/pwndoc/pwndoc/blob/main/backend/src/lib/report-filters.js#L258-L260 https://github.com/pwndoc/pwndoc/commit/1d4219c596f4f518798492e48386a20c6e9a2fe6 https://github.com/pwndoc/pwndoc/security/advisories/GHSA-jw5r-6927-hwpc • CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

This function pointer overwrite could allow an attacker to alter the execution flow of the program, leading to arbitrary code execution. • https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8032.patch https://gstreamer.freedesktop.org/security/sa-2024-0014.html https://securitylab.github.com/advisories/GHSL-2024-166_Gstreamer https://access.redhat.com/security/cve/CVE-2024-47606 https://bugzilla.redhat.com/show_bug.cgi?id=2331760 • CWE-190: Integer Overflow or Wraparound •