Page 241 of 8664 results (0.151 seconds)

CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0

When the isula load command is used to load malicious images, attackers can execute arbitrary code. Cuando el comando isula load se utiliza para cargar imágenes maliciosas, los atacantes pueden ejecutar código arbitrario. • https://gitee.com/src-openeuler/iSulad/pulls/600/files https://gitee.com/src-openeuler/iSulad/pulls/627/files https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1686 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-665: Improper Initialization •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0

When malicious images are pulled by isula pull, attackers can execute arbitrary code. Cuando isula pull extrae imágenes maliciosas, los atacantes pueden ejecutar código arbitrario. • https://gitee.com/src-openeuler/iSulad/pulls/600/files https://gitee.com/src-openeuler/iSulad/pulls/627/files https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1686 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-665: Improper Initialization •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Rockwell Automation Arena Simulation contains an arbitrary code execution vulnerability that could potentially allow a malicious user to commit unauthorized code to the software by using an uninitialized pointer in the application.   • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141145 • CWE-824: Access of Uninitialized Pointer •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow.   • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141145 • CWE-125: Out-of-bounds Read •

CVSS: 7.2EPSS: 88%CPEs: 2EXPL: 0

PHP code injection can be achieved in the language file editor by an admin if admin_allow_langedit is enabled. ... ISPConfig versions 4.2.11 and below suffer from a PHP code injection vulnerability in language_edit.php. • http://packetstormsecurity.com/files/176126/ISPConfig-3.2.11-PHP-Code-Injection.html http://seclists.org/fulldisclosure/2023/Dec/2 https://www.ispconfig.org/blog/ispconfig-3-2-11p1-released • CWE-94: Improper Control of Generation of Code ('Code Injection') •