Page 278 of 45564 results (0.106 seconds)

CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0

Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. ... An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-23249 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. ... An attacker can leverage this vulnerability to execute code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-848 • CWE-121: Stack-based Buffer Overflow •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the parameter "sectionContent" related to the functionality of adding notes to an uploaded file. • http://docubase.com http://tessi.com https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37675.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

Improper Control of Generation of Code ('Code Injection') vulnerability in InstaWP Team InstaWP Connect allows Code Injection.This issue affects InstaWP Connect: from n/a through 0.1.0.38. ... This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/instawp-connect/wordpress-instawp-connect-plugin-0-1-0-38-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. ... An attacker can leverage this vulnerability to execute code in the context of root. •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the page parameter. • http://docubase.com http://tessi.com https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37671.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •