4202 matches found
NETGEAR RAX30 Command Injection Vulnerability (CNVD-2024-33905)
The NETGEAR RAX30 is a dual-band wireless router from NETGEAR. The NETGEAR RAX30 suffers from a command injection vulnerability that can be exploited by an attacker to execute arbitrary code...
CVE-2024-23470 SolarWinds Access Rights Manager (ARM) UserScriptHumster Exposed Dangerous Method Remote Command Execution Vulnerability
The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to run commands and executables...
CVE-2024-23470
CVE-2024-23470 affects SolarWinds Access Rights Manager (ARM). A pre-authentication remote code execution vulnerability is described as an exposed dangerous method in the UserScriptHumster component, allowing an unauthenticated user to run commands/executables on the server. Related Nessus data c...
PT-2024-27510 · Ivanti · Ivanti Epm
Name of the Vulnerable Software and Affected Versions: Ivanti EPM 2024 flat. Description: The issue is related to an unspecified SQL Injection flaw in the core server, allowing an authenticated attacker within the same network to execute arbitrary code. Recommendations: For Ivanti EPM 2024 flat, a...
Apache Airflow code execution vulnerability (CNVD-2024-33592)
Apache Airflow is an open source platform from the Apache Foundation (United States) for creating, managing and monitoring workflows. The platform offers scalability, dynamic monitoring and other features. Apache Airflow suffers from a code execution vulnerability that can be exploited by...
The vulnerability of the IBM InfoSphere Information Server software platform, related to insufficient validation of incoming requests, allows a hacker to execute an SSRF attack.
The vulnerability of the IBM InfoSphere Information Server software integration platform is related to insufficient testing of incoming requests. Exploiting this vulnerability could allow a malicious actor to execute an SSRF attack remotely...
Command Execution Vulnerability in UFIDA NC Cloud from UFIDA Network Technology Co.
UFIDA NC Cloud is a large-scale enterprise digitalization platform launched by UFIDA Network Technology Co. A command execution vulnerability exists in UFIDA NC Cloud, which can be exploited by an attacker to execute arbitrary commands...
CVE-2024-40552
PublicCMS v4.0.202302.e was discovered to contain a remote command execution (RCE) vulnerability via the cmdarray parameter at /site/ScriptComponent.java...
NETGEAR Routers Code Execution Vulnerability
NETGEAR Routers is a series of routers from NETGEAR. A code execution vulnerability exists in NETGEAR Routers that can be exploited by an attacker to execute arbitrary code...
Adobe Premiere Pro Untrusted Search Path Vulnerability
Adobe Premiere Pro is non-linear video editing software from the American company Adobe. An untrusted search path vulnerability exists in Adobe Premiere Pro, which can be exploited by an attacker to execute code in the context of the current user...
Kofax Power PDF Buffer Overflow Vulnerability (CNVD-2024-33729)
Kofax Power PDF is a professional PDF editing and management software from Kofax. Kofax Power PDF suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code...
Kofax Power PDF Out-of-Bounds Write Vulnerability (CNVD-2024-33727)
Kofax Power PDF is a professional PDF editing and management software from Kofax. Kofax Power PDF suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code...
Kofax Power PDF Out-of-Bounds Read Vulnerability (CNVD-2024-33725)
Kofax Power PDF is a professional PDF editing and management software from Kofax. Kofax Power PDF suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute arbitrary code...
NETGEAR ProSAFE Arbitrary File Upload Vulnerability
NETGEAR ProSAFE is a network management system from NETGEAR. An arbitrary file upload vulnerability exists in NETGEAR ProSAFE, which can be exploited by an attacker to execute arbitrary code...
D-Link DAP-2622 Buffer Overflow Vulnerability (CNVD-2024-32560)
The D-Link DAP-2622 is a wireless access point device from China's D-Link. The D-Link DAP-2622 suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute code in the root context...
CVE-2024-40552
CVE-2024-40552 affects PublicCMS v4.0.202302.e and is a remote command execution vulnerability exploitable via the cmdarray parameter in /site/ScriptComponent.java. The connected documents confirm the affected product/version and the root cause is a vulnerable handling of the cmdarray input leadi...
Code execution vulnerability in multiple Mozilla products (CNVD-2024-34588)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of the Firefox web browser. Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products, whic...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to a code execution vulnerability in Node.js IP package (CVE-2023-42282)
Summary: Potential code execution vulnerability in Node.js IP package CVE-2023-42282 has been identified that could affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details: CVEID: CVE-2023-42282...