Page 278 of 37488 results (0.131 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Patch Management Agent. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Patch Management Agent. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.vipre.com/en_US/home-windows-release-notes/home-windows-release-notes-20240227 https://www.zerodayinitiative.com/advisories/ZDI-24-817 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0

Cross Site Scripting vulnerability in Moodle CMS v3.10 allows a remote attacker to execute arbitrary code via the Field Name (name parameter) of a new activity. • http://moodle.com https://github.com/MohamedAzizMSALLEMI/Moodle_Security/blob/main/CVE-2024-37674.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Type Confusion in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to execute arbitrary code via a crafted HTML page. • https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html https://issues.chromium.org/issues/344608204 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5NRNCEYS246CYGOR32MF7OGKWOWER22 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

This could lead to remote code execution, for example by placing a new plugin into the '$workspace$/plugins' directory. • https://github.com/dzikoysk/reposilite/commit/848173738e4375482c70365db5cebae29f125eaa https://github.com/dzikoysk/reposilite/releases/tag/3.5.12 https://github.com/dzikoysk/reposilite/security/advisories/GHSA-frvj-cfq4-3228 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

In the worst case scenario, an attacker would be able to obtain the Remote code execution on all systems that use artifacts from Reposilite. • https://github.com/dzikoysk/reposilite/commit/279a472015ec675c1da449d902dc82e4dd578484 https://github.com/dzikoysk/reposilite/commit/d11609f427aba255e0f6f54b1105d5d20ab043cf https://github.com/dzikoysk/reposilite/releases/tag/3.5.12 https://github.com/dzikoysk/reposilite/security/advisories/GHSA-9w8w-34vr-65j2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •