34545 results (0.021 seconds)

CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0

A physical attacker may leverage improper protection against voltage glitching in Qualcomm’s Secure Boot implementation in chipsets MSM8916 and APQ8016 to execute arbitrary code in the device due to a badly secured hash value check. • https://cyberintel.es/cve/notCVE-2023-0001/ • CWE-1247: Improper Protection Against Voltage and Clock Glitches •

CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows attackers to overwrite and delete system files, potentially leading to remote code execution. • https://huntr.com/bounties/8508db68-9c99-4b1c-828c-e1bfcacfb847 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure type resolution vulnerability. • https://docs.telerik.com/report-server/knowledge-base/insecure-type-resolution-cve-2024-8015 • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

This could allow the attacker to execute arbitrary code in the context of the current user. • https://helpx.adobe.com/security/products/framemaker/apsb24-82.html • CWE-426: Untrusted Search Path •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Substance3D - Stager versions 3.0.3 and earlier are affected by a Write-what-where Condition vulnerability that could allow an attacker to execute arbitrary code in the context of the current user. • https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html • CWE-123: Write-what-where Condition •