Page 467 of 45888 results (0.181 seconds)

CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0

An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component. • https://gist.github.com/HouqiyuA/1b75e23ece7ad98490aec1c887bdf49b • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 8.0EPSS: 0%CPEs: -EXPL: 0

An issue in Casa Systems NL1901ACV R6B032 allows a remote attacker to execute arbitrary code via the userName parameter of the add function. • https://cybercx.com.au/blog/zero-day-remote-code-execution-in-netcomm-nl1901acv-vdsl-modem • CWE-20: Improper Input Validation •

CVSS: 6.9EPSS: 0%CPEs: -EXPL: 0

An RBAC authorization risk in Carina v0.13.0 and earlier allows local attackers to execute arbitrary code through designed commands to obtain the secrets of the entire cluster and further take over the cluster. • http://carina.com https://gist.github.com/HouqiyuA/568d9857dab4ddba6b8b6a791e90f906 https://github.com/HouqiyuA/k8s-rbac-poc https://github.com/carina-io/carina • CWE-285: Improper Authorization •

CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0

An issue in karmada-io karmada v1.9.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component. • https://gist.github.com/HouqiyuA/2b56a893c06553013982836abb77ba50 • CWE-284: Improper Access Control •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. • https://github.com/d0rb/CVE-2023-49606 http://www.openwall.com/lists/oss-security/2024/05/07/1 https://talosintelligence.com/vulnerability_reports/TALOS-2023-1889 • CWE-416: Use After Free •