Page 31 of 35227 results (0.046 seconds)

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

An issue in TOTOLINK Bluetooth Wireless Adapter A600UB allows a local attacker to execute arbitrary code via the WifiAutoInstallDriver.exe and MSASN1.dll components. • https://infosecwriteups.com/dll-hijacking-in-totolink-a600ub-driver-installer-13787c4d97b4 • CWE-354: Improper Validation of Integrity Check Value •

CVSS: 5.4EPSS: 0%CPEs: -EXPL: 0

Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows an attacker to execute arbitrary code via the svkey parameter of the storageapi.php file. • https://infosecwriteups.com/chamilo-lms-authentication-bypass-and-cross-site-scripting-stored-3fcb874ac7c1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: -EPSS: 0%CPEs: -EXPL: 0

An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication (IPC) mechanism between Cura application and CuraEngine processes, localhost network stack, printing settings and G-code processing and transmission components, Ultimaker 3D Printers. • https://gist.github.com/HalaAli198/ff06d7a94c06cdfb821dec4d6303e01b •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated. • https://plugins.trac.wordpress.org/browser/ultimate-post/tags/4.1.16/classes/Importer.php#L94 https://plugins.trac.wordpress.org/browser/ultimate-post/tags/4.1.16/classes/Initialization.php#L330 https://plugins.trac.wordpress.org/changeset/3188636/ultimate-post/trunk/classes/Importer.php https://wordpress.org/plugins/ultimate-post https://www.wordfence.com/threat-intel/vulnerabilities/id/076f36fb-c2fb-43e0-a027-1351d3995489?source=cve • CWE-862: Missing Authorization •

CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0

An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of an administrator. • https://www.mcafee.com/support/s/article/000002516?language=en_US •