Page 281 of 10586 results (0.052 seconds)

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious attacker to execute a malicious code by having legitimate users open a specially crafted project file, which could result in information disclosure, tampering and deletion, or a denial-of-service (DoS) condition. • https://jvn.jp/vu/JVNVU93383160 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-016_en.pdf • CWE-73: External Control of File Name or Path CWE-610: Externally Controlled Reference to a Resource in Another Sphere •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

This makes it possible for unauthenticated attackers to extract sensitive data. • https://patchstack.com/database/vulnerability/cf7-google-sheets-connector/wordpress-cf7-google-sheets-connector-plugin-5-0-5-sensitive-data-exposure-via-debug-log-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol (JDWP) listening on port 11611 and it is remotely accessible by unauthenticated users, allowing attackers to execute arbitrary code. NETGEAR ProSAFE Network Management System tiene Java Debug Wire Protocol (JDWP) escuchando en el puerto 11611 y usuarios no autenticados pueden acceder a él de forma remota, lo que permite a los atacantes ejecutar código arbitrario. • https://kb.netgear.com/000065886/Security-Advisory-for-Sensitive-Information-Disclosure-on-the-NMS300-PSV-2023-0126 https://www.tenable.com/security/research/tra-2023-39 • CWE-306: Missing Authentication for Critical Function •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Information disclosure Divulgación de información • https://source.android.com/docs/security/bulletin/chromecast/2023-07-01 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

An authenticated user with read permissions on database connections metadata could potentially access sensitive information such as the connection's username. This issue affects Apache Superset before 3.0.0. Un usuario autenticado con permisos de lectura sobre los metadatos de las conexiones de bases de datos podría acceder a información confidencial, como el nombre de usuario de la conexión. Este problema afecta a Apache Superset anterior a 3.0.0. • http://www.openwall.com/lists/oss-security/2023/11/28/5 https://lists.apache.org/thread/bd0fhtfzrtgo1q8x35tpm8ms144d1t2y • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •