Page 456 of 37793 results (0.167 seconds)

CVSS: 8.0EPSS: 0%CPEs: -EXPL: 0

An issue in Casa Systems NL1901ACV R6B032 allows a remote attacker to execute arbitrary code via the userName parameter of the add function. • https://cybercx.com.au/blog/zero-day-remote-code-execution-in-netcomm-nl1901acv-vdsl-modem • CWE-20: Improper Input Validation •

CVSS: 6.9EPSS: 0%CPEs: -EXPL: 0

An RBAC authorization risk in Carina v0.13.0 and earlier allows local attackers to execute arbitrary code through designed commands to obtain the secrets of the entire cluster and further take over the cluster. • http://carina.com https://gist.github.com/HouqiyuA/568d9857dab4ddba6b8b6a791e90f906 https://github.com/HouqiyuA/k8s-rbac-poc https://github.com/carina-io/carina • CWE-285: Improper Authorization •

CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0

An issue in karmada-io karmada v1.9.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component. • https://gist.github.com/HouqiyuA/2b56a893c06553013982836abb77ba50 • CWE-284: Improper Access Control •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. • https://github.com/d0rb/CVE-2023-49606 http://www.openwall.com/lists/oss-security/2024/05/07/1 https://talosintelligence.com/vulnerability_reports/TALOS-2023-1889 • CWE-416: Use After Free •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

There is a buffer overflow vulnerability in the underlying Local User Authentication Database service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt • CWE-121: Stack-based Buffer Overflow •