
CVSS: 8.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

14 Mar 2025 — This can be used to facilitate RCE. An account with ‘read’ and ‘write’ privileges on at least one existing document in the application is required to exploit the vulnerability. • https://www.blackduck.com/blog/cyrc-advisory-logicaldoc.html • CWE-23: Relative Path Traversal

CVSS: 10.0 • EPSS: 0% • CPEs: 2 • EXPL: 0

14 Mar 2025 — The Automation Scripting functionality can be exploited by attackers to run arbitrary system commands on the underlying operating system. An account with administrator privileges or that has been explicitly granted access to use Automation Scripting is needed to carry out the attack. Exploitation of this vulnerability would allow an attacker to run commands of their choosing on the underlying operating system of the web server running LogicalDOC. • https://www.blackduck.com/blog/cyrc-advisory-logicaldoc.html • CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 8.2 • EPSS: 0% • CPEs: 2 • EXPL: 0

14 Mar 2025 — An external control of file name or path vulnerability [CWE-73] in the installer of FortiClientMac version 7.2.3 and below and version 7.0.10 and below may allow a local attacker to execute arbitrary code or commands by writing a malicious configuration file in /tmp before starting the installation process. • https://fortiguard.com/psirt/FG-IR-23-345 • CWE-73: External Control of File Name or Path

CVSS: 10.0 • EPSS: 0% • CPEs: 1 • EXPL: 0

14 Mar 2025 — A maliciously crafted QPY file can potentially execute arbitrary code embedded in the payload without privilege escalation when deserialising QPY formats < 13. A Python process calling Qiskit 0.18.0 through 1.4.1's `qiskit.qpy.load()` function could potentially execute any arbitrary Python code embedded in the correct place in the binary file as part of a specially constructed payload. • https://www.ibm.com/support/pages/node/7185949 • CWE-502: Deserialization of Untrusted Data

CVSS: 9.4 • EPSS: 0% • CPEs: - • EXPL: 0

14 Mar 2025 — The product can be used to distribute malicious code using SDD Device Drivers due to missing download verification checks, leading to code execution on target systems. • https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF • CWE-494: Download of Code Without Integrity Check

CVSS: 9.8 • EPSS: 0% • CPEs: - • EXPL: 0

14 Mar 2025 — File Upload vulnerability in nestjs nest v.10.3.2 allows a remote attacker to execute arbitrary code via the Content-Type header. • https://gist.github.com/aydinnyunus/801342361584d1491c67a820a714f53f

CVSS: 9.8 • EPSS: 0% • CPEs: - • EXPL: 0

14 Mar 2025 — In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. • https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/AdvSetMacMtuWan1.md

CVSS: 9.8 • EPSS: 0% • CPEs: - • EXPL: 0

14 Mar 2025 — In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. • https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/AdvSetMacMtuWan3.md

CVSS: 9.8 • EPSS: 0% • CPEs: - • EXPL: 0

14 Mar 2025 — In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. • https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/AdvSetMacMtuWan4.md

CVSS: 9.8 • EPSS: 0% • CPEs: - • EXPL: 0

14 Mar 2025 — In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. • https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/AdvSetMacMtuWan2.md