Page 97 of 8799 results (0.023 seconds)

CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0

Premiere Pro versions 23.6.5, 24.4.1 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. • https://helpx.adobe.com/security/products/premiere_pro/apsb24-46.html • CWE-426: Untrusted Search Path •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3. Un desbordamiento del búfer en WatchGuard Fireware OS podría permitir que un atacante remoto autenticado con acceso de administración privilegiado ejecute código arbitrario con privilegios del sistema en el firewall. Este problema afecta al sistema operativo Fireware: desde 11.9.6 hasta 12.10.3. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-outlets/{id}/edit/. Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web o HTML de su elección a través de un payload manipulado inyectado en el parámetro Name en /dcim/power-outlets/{id}/edit/. • https://github.com/minhquan202/Vuln-Netbox • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-ports/{id}/edit/. Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web arbitrarios o HTML a través de un payload manipulado inyectado en el parámetro Name en /dcim/power-ports/{id}/edit/. • https://github.com/minhquan202/Vuln-Netbox • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

Fujian Kelixun <=7.6.6.4391 is vulnerable to SQL Injection in send_event.php. Fujian Kelixun &lt;=7.6.6.4391 es vulnerable a la inyección SQL en send_event.php. • https://gist.github.com/Y5neKO/561a038dab8584c1448aad3013b9c2c7 • CWE-94: Improper Control of Generation of Code ('Code Injection') •