Page 254 of 8676 results (0.167 seconds)

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0

An attacker with access to a monitored device could perform a stored cross-site scripting (XSS) attack that may lead to arbitrary code execution with `SYSTEM` privileges on the application server. • https://cert-portal.siemens.com/productcert/pdf/ssa-594373.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_ Weixin.php component. Un problema en SeaCMS v.12.8 permite a un atacante ejecutar código arbitrario a través del componente admin_Weixin.php. • https://blog.csdn.net/2301_79997870/article/details/133661890?spm=1001.2014.3001.5502 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_ notify.php component. Un problema en SeaCMS v.12.8 permite a un atacante ejecutar código arbitrario a través del componente admin_notify.php. • https://blog.csdn.net/2301_79997870/article/details/133365547?spm=1001.2014.3001.5501 https://blog.csdn.net/2301_79997870/article/details/133661890?spm=1001.2014.3001.5502 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0

Prior tov ersions 0.13.17 and 0.12.65, Garden has a dependency on the cryo library, which is vulnerable to code injection due to an insecure implementation of deserialization. • https://github.com/garden-io/garden/commit/3117964da40d3114f129a6131b4ada89eaa4eb8c https://github.com/garden-io/garden/security/advisories/GHSA-hm75-6vc9-8rpr • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-502: Deserialization of Untrusted Data •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EEMDC5TQAANFH5D77QM34ZTUKXPFGVL https://security.gentoo.org/glsa/202401-33 https://talosintelligence.com/vulnerability_reports/TALOS-2023-1831 https://webkitgtk.org/security/WSA-2023-0009.html https://www.debian.org/security/2023/dsa-5527 https://access.redhat.com/security/cve/CVE-2023-39928 https://bugzilla.redhat.com/show_bug.cgi?id=2241400 • CWE-416: Use After Free •