Page 361 of 45675 results (0.328 seconds)

CVSS: 6.3EPSS: %CPEs: -EXPL: 0

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. • https://plugins.trac.wordpress.org/browser/nd-elements/trunk/widgets/beforeafter/index.php#L121 https://plugins.trac.wordpress.org/browser/nd-elements/trunk/widgets/eventsgrid/index.php#L113 https://plugins.trac.wordpress.org/browser/nd-elements/trunk/widgets/list/index.php#L401 https://plugins.trac.wordpress.org/browser/nd-elements/trunk/widgets/marquee/index.php#L200 https://plugins.trac.wordpress.org/browser/nd-elements/trunk/widgets/postgrid/index.php#L186 https://plugins.trac.wordpress.org/changeset • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Kofax Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. ... An attacker can leverage this vulnerability to execute code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.zerodayinitiative.com/advisories/ZDI-24-549 • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Sonos Era 100 SMB2 Message Handling Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos Era 100 smart speakers. ... An attacker can leverage this vulnerability to execute code in the context of root. ... This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos Era 100 smart speakers. ... An attacker can leverage this vulnerability to execute code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-545 • CWE-416: Use After Free •