Page 3 of 57543 results (0.036 seconds)

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

02 Jul 2025 — Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49713 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 10.0EPSS: 73%CPEs: 1EXPL: 2

02 Jul 2025 — A remote attacker can execute arbitrary operating system commands via the username parameter in a POST request to the /login endpoint. • https://vulncheck.com/advisories/stamparm-maltrail-rce • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-306: Missing Authentication for Critical Function •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

02 Jul 2025 — A remote code execution vulnerability in GFI Kerio Control 9.4.5 allows attackers with administrative access to upload and execute arbitrary code through the firmware upgrade feature. • https://ssd-disclosure.com/ssd-advisory-kerio-control-authentication-bypass-and-rce • CWE-306: Missing Authentication for Critical Function •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1

02 Jul 2025 — The /proxy handler on port 7996 allows arbitrary forwarding to administrative endpoints when provided with an Appliance UUID, which itself can be retrieved from port 7995. ... The /proxy handler on port 7996 allows arbitrary forwarding to administrative endpoints when provided with an Appliance UUID, which itself can be retrieved from port 7995. • https://ssd-disclosure.com/ssd-advisory-kerio-control-authentication-bypass-and-rce • CWE-306: Missing Authentication for Critical Function •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

02 Jul 2025 — An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default proxy configuration and weak access control in the GFIAgent service. The non-transparent proxy on TCP port 3128 can be used to forward unauthenticated requests to internal services such as GFIAgent, bypassing firewall restrictions and exposing internal management endpoints. This enables unauthenticated attackers to access the GFIAgent service on ports 7995 and 7996, retrieve the appliance UUID, and issue adminis... • https://ssd-disclosure.com/ssd-advisory-kerio-control-authentication-bypass-and-rce • CWE-306: Missing Authentication for Critical Function •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1

02 Jul 2025 — An unauthenticated remote command execution vulnerability exists in the applyCT component of the Hikvision Integrated Security Management Platform due to the use of a vulnerable version of the Fastjson library. The endpoint /bic/ssoService/v1/applyCT deserializes untrusted user input, allowing an attacker to trigger Fastjson's auto-type feature to load arbitrary Java classes. By referencing a malicious class via an LDAP URL, an attacker can achieve remote code execution on... • https://s4e.io/tools/hikvision-applyct-remote-code-execution • CWE-502: Deserialization of Untrusted Data CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •

CVSS: -EPSS: 0%CPEs: -EXPL: 4

https://packetstorm.news/files/id/204883 •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0

02 Jul 2025 — The JKDEVKIT plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'font_upload_handler' function in all versions up to, and including, 1.9.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). • https://www.wordfence.com/threat-intel/vulnerabilities/id/68679ff9-48a8-4146-a37f-5f844dc86c92?source=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0

01 Jul 2025 — The Vikinger theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the vikinger_delete_activity_media_ajax() function in all versions up to, and including, 1.9.32. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). • https://themeforest.net/item/vikinger-buddypress-and-gamipress-social-community/28612259 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0

01 Jul 2025 — Prior to version 2.1.5, there is a command injection vulnerability caused by the unsanitized use of input parameters within a call to child_process.exec, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges. • https://github.com/cyanheads/git-mcp-server/commit/0dbd6995ccdf76ab770b58013034365b2d06c4d9 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •