Lucene search
K

1895 matches found

Patchstack
Patchstack
added 2024/11/11 7:12 a.m.5 views

WordPress Instant Image Generator (One Click Image Uploads from Pixabay, Pexels and OpenAI) plugin <= 1.5.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Instant Image Generator versions = 1.5.2...

10CVSS7AI score0.00496EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/06 12:0 a.m.7 views

PT-2024-8211 · Cisco · Cisco Unified Communications Manager Im & Presence Service

Name of the Vulnerable Software and Affected Versions: Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P affected versions not specified Description: A vulnerability in the logging component could allow an authenticated, remote attacker to view sensitive information in...

6.8CVSS6.7AI score0.00435EPSS
Exploits0References8
NVD
NVD
added 2024/11/05 11:15 p.m.9 views

CVE-2024-47463

An arbitrary file creation vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. Successful exploitation of this vulnerability could allow an authenticated remote attacker to create arbitrary files, which could lead to a remote command execution RCE on the underlying...

7.2CVSS0.01161EPSS
Exploits0References1
NVD
NVD
added 2024/11/05 11:15 p.m.10 views

CVE-2024-47464

An authenticated Path Traversal vulnerability exists in Instant AOS-8 and AOS-10. Successful exploitation of this vulnerability allows an attacker to copy arbitrary files to a user readable location from the command line interface of the underlying operating system, which could lead to a remote...

6.8CVSS0.00893EPSS
Exploits0References1
NVD
NVD
added 2024/11/05 11:15 p.m.17 views

CVE-2024-47462

An arbitrary file creation vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. Successful exploitation of this vulnerability could allow an authenticated remote attacker to create arbitrary files, which could lead to a remote command execution RCE on the underlying...

7.2CVSS0.01161EPSS
Exploits0References1
NVD
NVD
added 2024/11/05 11:15 p.m.10 views

CVE-2024-47461

An authenticated command injection vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. A successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to...

7.2CVSS0.01749EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/05 11:2 p.m.10 views

CVE-2024-47464 Authenticated Path Traversal Vulnerability Leads to a Remote Unauthorized Access to Files

An authenticated Path Traversal vulnerability exists in Instant AOS-8 and AOS-10. Successful exploitation of this vulnerability allows an attacker to copy arbitrary files to a user readable location from the command line interface of the underlying operating system, which could lead to a remote...

6.8CVSS6.9AI score0.00893EPSS
Exploits0References1
CVE
CVE
added 2024/11/05 11:2 p.m.49 views

CVE-2024-47464

CVE-2024-47464 affects Hewlett Packard Enterprise ArubaOS Instant AOS-8 and AOS-10. It is described as an authenticated path traversal vulnerability in the CLI that could copy arbitrary files from the underlying OS to a user-readable location, potentially enabling remote unauthorized access to fi...

6.8CVSS6.6AI score0.00893EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/05 10:59 p.m.9 views

CVE-2024-47463 Arbitrary File Creation Vulnerability in Instant AOS-8 and AOS-10 leads to Authenticated Remote Command Execution (RCE)

An arbitrary file creation vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. Successful exploitation of this vulnerability could allow an authenticated remote attacker to create arbitrary files, which could lead to a remote command execution RCE on the underlying...

7.2CVSS7.1AI score0.01161EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/05 10:59 p.m.19 views

CVE-2024-47463 Arbitrary File Creation Vulnerability in Instant AOS-8 and AOS-10 leads to Authenticated Remote Command Execution (RCE)

An arbitrary file creation vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. Successful exploitation of this vulnerability could allow an authenticated remote attacker to create arbitrary files, which could lead to a remote command execution RCE on the underlying...

7.2CVSS0.01161EPSS
Exploits0References1
CVE
CVE
added 2024/11/05 10:59 p.m.54 views

CVE-2024-47463

CVE-2024-47463 describes an arbitrary file creation vulnerability in Aruba Instant AOS-8 and AOS-10 CLI service that, when exploited by an authenticated user, could lead to remote code execution on the underlying OS. The issue affects the CLI path and is tied to authenticated remote command execu...

7.2CVSS7AI score0.01161EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/05 10:57 p.m.13 views

CVE-2024-47462 Arbitrary File Creation Vulnerability in Instant AOS-8 and AOS-10 leads to Authenticated Remote Command Execution (RCE)

An arbitrary file creation vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. Successful exploitation of this vulnerability could allow an authenticated remote attacker to create arbitrary files, which could lead to a remote command execution RCE on the underlying...

7.2CVSS7.1AI score0.01161EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/05 10:57 p.m.22 views

CVE-2024-47462 Arbitrary File Creation Vulnerability in Instant AOS-8 and AOS-10 leads to Authenticated Remote Command Execution (RCE)

An arbitrary file creation vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. Successful exploitation of this vulnerability could allow an authenticated remote attacker to create arbitrary files, which could lead to a remote command execution RCE on the underlying...

7.2CVSS0.01161EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/05 10:54 p.m.11 views

CVE-2024-47461 Authenticated Arbitrary Remote Command Execution (RCE) in Instant AOS-8 and AOS-10

An authenticated command injection vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. A successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to...

7.2CVSS7.8AI score0.01749EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/05 10:54 p.m.19 views

CVE-2024-47461 Authenticated Arbitrary Remote Command Execution (RCE) in Instant AOS-8 and AOS-10

An authenticated command injection vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. A successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to...

7.2CVSS0.01749EPSS
Exploits0References1
CVE
CVE
added 2024/11/05 10:54 p.m.49 views

CVE-2024-47461

CVE-2024-47461 is an authenticated command-injection flaw in Aruba Instant AOS-8 and AOS-10 CLI that allows arbitrary commands to run with high privileges, potentially compromising the OS. Affected components: Instant AOS-8/AOS-10 CLI. Root cause: authenticated RCE via command injection in the CL...

7.2CVSS7.2AI score0.01749EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/05 12:0 a.m.3 views

Aruba Networks Instant 安全漏洞

Hewlett Packard Enterprise Aruba Networks Instant is a wireless network from Hewlett Packard Enterprise, Inc. provides the only Wi-Fi solution that is easy to set up. A security vulnerability exists in Aruba Networks Instant that stems from the presence of a command injection vulnerability, which...

9CVSS9.4AI score0.014EPSS
Exploits0References3
Veeam
Veeam
added 2024/10/11 12:0 a.m.38 views

Optimizing and Maintaining SQL Server Instance Hosting Veeam Service Provider Console Configuration Database

Purpose This article was produced in coordination with the Veeam R&D team to provide Service Providers with a comprehensive list of the most common performance improvements and maintenance actions relating to the underlying Microsoft SQL Server instance that hosts the Veeam Service Provider Conso...

6.7AI score
Exploits0Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/09 7:4 a.m.4 views

Malicious code in updated-script-restaurant-tycoon-2-script-instant-cook-4dz6cj (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 640f25bc6fc6b05d71f2b8eba8e6e12a80c807dc2a91b97e184cfe5926f050c3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
NVD
NVD
added 2024/10/05 1:15 p.m.12 views

CVE-2024-44018

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in istmoplugins Instant Chat Floating Button for WordPress Websites instant-chat-wp allows PHP Local File Inclusion.This issue affects Instant Chat Floating Button for WordPress Websites: from n/a through =...

7.5CVSS0.00511EPSS
Exploits0References1
Rows per page
Query Builder