Page 459 of 8792 results (0.043 seconds)

CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0

CVE-2022-42824 – webkitgtk: sensitive information disclosure issue

https://notcve.org/view.php?id=CVE-2022-42824

By this security flaw processing maliciously crafted web content may lead to arbitrary code execution. • http://www.openwall.com/lists/oss-security/2022/11/04/4 https://lists.debian.org/debian-lts-announce/2022/11/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LF4LYP725XZ7RWOPFUV6DGPN4Q5DUU4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AQKLEGJK3LHAKUQOLBHNR2DI3IUGLLTY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JOFKX6BUEJFECSVFV6P5INQCOYQBB4NZ https://security.gentoo.org/glsa/202 •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2022-42820

https://notcve.org/view.php?id=CVE-2022-42820

An app may cause unexpected app termination or arbitrary code execution. • https://support.apple.com/en-us/HT213488 https://support.apple.com/en-us/HT213489 • CWE-787: Out-of-bounds Write •

CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0

CVE-2021-38397 – Honeywell Experion PKS and ACE Controllers Unrestricted Upload of File with Dangerous Type

https://notcve.org/view.php?id=CVE-2021-38397

Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition. Los controladores Honeywell Experion PKS C200, C200E, C300 y ACE son vulnerables a la carga de archivos sin restricciones, lo que puede permitir a un atacante ejecutar código arbitrario de forma remota y provocar una condición de Denegación de Servicio. • https://www.cisa.gov/uscert/ics/advisories/icsa-21-278-04 https://www.honeywellprocess.com/library/support/notifications/Customer/SN2021-02-22-01-Experion-C300-CCL.pdf • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2021-38395 – Honeywell Experion PKS and ACE Controllers Injection

https://notcve.org/view.php?id=CVE-2021-38395

Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements in output, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition. Los controladores Honeywell Experion PKS C200, C200E, C300 y ACE son vulnerables a una neutralización inadecuada de elementos especiales en la salida, lo que puede permitir a un atacante ejecutar código arbitrario de forma remota y provocar una condición de Denegación de Servicio. • https://www.cisa.gov/uscert/ics/advisories/icsa-21-278-04 https://www.honeywellprocess.com/library/support/notifications/Customer/SN2021-02-22-01-Experion-C300-CCL.pdf • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2021-38399 – Honeywell Experion PKS and ACE Controllers Relative Path Traversal

https://notcve.org/view.php?id=CVE-2021-38399

Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to relative path traversal, which may allow an attacker access to unauthorized files and directories. Los controladores Honeywell Experion PKS C200, C200E, C300 y ACE son vulnerables al Path Traversal relativa, lo que puede permitir que un atacante acceda a archivos y directorios no autorizados. • https://www.cisa.gov/uscert/ics/advisories/icsa-21-278-04 https://www.honeywellprocess.com/library/support/notifications/Customer/SN2021-02-22-01-Experion-C300-CCL.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •