Page 269 of 37488 results (0.109 seconds)

CVSS: 7.5EPSS: %CPEs: -EXPL: 0

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. ... An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-22939 This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. ... An attacker can leverage this vulnerability to execute code in the context of the device. • https://www.sony.com/electronics/support/mobile-cd-players-digital-media-players-xav-series/xav-ax5500/software/00274156 https://www.zerodayinitiative.com/advisories/ZDI-24-874 • CWE-345: Insufficient Verification of Data Authenticity •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the filename parameter. • http://docubase.com http://tessi.com https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37673.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. ... An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23185 This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. ... An attacker can leverage this vulnerability to execute code in the context of the device. • https://www.sony.com/electronics/support/mobile-cd-players-digital-media-players-xav-series/xav-ax5500/software/00274156 https://www.zerodayinitiative.com/advisories/ZDI-24-876 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of user accounts. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://www.synology.com/en-global/security/advisory/Synology_SA_23_15 • CWE-290: Authentication Bypass by Spoofing •