Page 430 of 45725 results (0.067 seconds)

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/phpsword-favicon-manager/wordpress-pk-favicon-manager-plugin-2-1-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

This consequently may allow an unprivileged third party to cause remote code execution, denial of service, affecting both confidentiality and integrity. • https://github.com/aws/sagemaker-python-sdk/pull/4557 https://github.com/aws/sagemaker-python-sdk/security/advisories/GHSA-wjvx-jhpj-r54r • CWE-502: Deserialization of Untrusted Data •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

This consequently may allow an unprivileged third party to cause remote code execution, denial of service, affecting both confidentiality and integrity. • https://github.com/aws/sagemaker-python-sdk/commit/2d873d53f708ea570fc2e2a6974f8c3097fe9df5 https://github.com/aws/sagemaker-python-sdk/pull/4556 https://github.com/aws/sagemaker-python-sdk/security/advisories/GHSA-7pc3-pr3q-58vg • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://www.zerodayinitiative.com/advisories/ZDI-23-1913 • CWE-416: Use After Free •

CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://www.zerodayinitiative.com/advisories/ZDI-23-1912 • CWE-125: Out-of-bounds Read •