Page 78 of 35373 results (0.274 seconds)

CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0

If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in CEtherIPTagItem can be exploited, allowing the attacker to remotely execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-312-02 https://www.deltaww.com/en-US/Cybersecurity_Advisory • CWE-121: Stack-based Buffer Overflow •

CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0

If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetParameter can be exploited, allowing the attacker to remotely execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-312-02 https://www.deltaww.com/en-US/Cybersecurity_Advisory • CWE-121: Stack-based Buffer Overflow •

CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0

If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetObjectInfo can be exploited, allowing the attacker to remotely execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-312-02 https://www.deltaww.com/en-US/Cybersecurity_Advisory • CWE-121: Stack-based Buffer Overflow •

CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0

File Upload vulnerability in Laravel CMS v.1.4.7 and before allows a remote attacker to execute arbitrary code via the shell.php a component. • https://co-a1natas.feishu.cn/docx/GuYjd2lDEoxNhVxPa9Yc1akknee • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0

An issue Hoosk v1.7.1 allows a remote attacker to execute arbitrary code via a crafted script to the config.php component. • https://github.com/havok89/Hoosk/issues/66 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •