Page 54 of 40626 results (0.081 seconds)

CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0

qBittorrent before 5.0.1 proceeds with use of https URLs even after certificate validation errors. • id=42004219 https://sharpsec.run/rce-vulnerability-in-qbittorrent https://www.qbittorrent.org/news • CWE-295: Improper Certificate Validation •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

If this vulnerability is exploited, receiving a specially crafted request created and sent by an attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition. • https://jp.ricoh.com/security/products/vulnerabilities/vul?id=ricoh-2024-000011 https://jvn.jp/en/jp/JVN87770340 https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000011 • CWE-121: Stack-based Buffer Overflow •

CVSS: 4.8EPSS: 0%CPEs: -EXPL: 0

Cross Site Scripting vulnerability in FiberHome HG6544C RP2743 allows an attacker to execute arbitrary code via the SSID field in the WIFI Clients List not being sanitized • https://en.fiberhome.com https://github.com/MatJosephs/CVEs/tree/main/CVE-2024-51432 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0

Cross Site Scripting vulnerability in Camtrace v.9.16.2.1 allows a remote attacker to execute arbitrary code via the login.php. • https://gist.github.com/Youns92/e7cd3f5d18ab089320f72c51fa3977de • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

The Media Library Assistant plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.19. This makes it possible for authenticated attackers, with Administrator-level access and above, to execute code on the server. • https://patchstack.com/database/vulnerability/media-library-assistant/wordpress-media-library-assistant-plugin-3-19-remote-code-execution-rce-vulnerability?_s_id=cve • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •