639 matches found
CVE-2023-45213
A potential attacker with access to the Westermo Lynx device would be able to execute malicious code that could affect the correct functioning of the device...
GHSA-H2RQ-QHR7-53GM Apache Sling Servlets Resolver executes malicious code via path traversal
Malicious code execution via path traversal in Apache Software Foundation Apache Sling Servlets Resolver.This issue affects all version of Apache Sling Servlets Resolver before 2.11.0. However, whether a system is vulnerable to this attack depends on the exact configuration of the system. If the...
CVE-2024-23673
Malicious code execution via path traversal in Apache Software Foundation Apache Sling Servlets Resolver.This issue affects all version of Apache Sling Servlets Resolver before 2.11.0. However, whether a system is vulnerable to this attack depends on the exact configuration of the system. If the...
Path traversal
Malicious code execution via path traversal in Apache Software Foundation Apache Sling Servlets Resolver.This issue affects all version of Apache Sling Servlets Resolver before 2.11.0. However, whether a system is vulnerable to this attack depends on the exact configuration of the system. If the...
CVE-2024-23673 Apache Sling Servlets Resolver: Malicious code execution via path traversal
Malicious code execution via path traversal in Apache Software Foundation Apache Sling Servlets Resolver.This issue affects all version of Apache Sling Servlets Resolver before 2.11.0. However, whether a system is vulnerable to this attack depends on the exact configuration of the system. If the...
CVE-2023-32451
Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation...
Westermo Lynx 206-F2G Security Vulnerability
The Westermo Lynx 206-F2G is a Layer 3 industrial Ethernet switch from Westermo, Sweden, powered by the Westermo WeOS network operating system. A security vulnerability exists in the Westermo Lynx 206-F2G. An attacker can exploit this vulnerability to execute malicious code...
KLA62823 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft SharePoint Server can be exploited remotely to execute arbitrary...
CVE-2023-41782
There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL file in a specific directory and successfully exploit this vulnerability to execute malicious code...
KLA62769 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in WebAudio can be exploited to cause denial of service or...
ZTE ZXCLOUD iRAI Code Issue Vulnerability
The ZTE ZXCLOUD iRAI is a virtualization device from ZTE Corporation ZTE of China. A security vulnerability exists in ZTE ZXCLOUD iRAI. An attacker can exploit this vulnerability to place a fake DLL file in a specific directory and successfully execute malicious code...
Mitsubishi Electric MELSEC-Q Series C Controller Module Denial of Service and Malicious Code Execution (CVE-2021-29998)
Denial of Service and Malicious Code Execution Vulnerability exists in DHCP client function of VxWorks version 6.4, a real-time OS distributed by Wind River. A remote attacker may cause a denial of service DoS condition or execute malicious code on a target product by sending specially crafted...
KLA62469 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in FedCM can be exploited to...
Design/Logic Flaw
Multiple components of Iconics SCADA Suite are prone to a Phantom DLL loading vulnerability. This issue arises from the applications improperly searching for and loading dynamic link libraries, potentially allowing an attacker to execute malicious code via a DLL with a matching name in an...
CVE-2023-5247
Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious attacker to execute a malicious code by having legitimate users open a specially crafted project file, which could result in...
Remote code execution
Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious attacker to execute a malicious code by having legitimate users open a specially crafted project file, which could result in...
CVE-2023-5247
Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious attacker to execute a malicious code by having legitimate users open a specially crafted project file, which could result in...
CVE-2023-5247
Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious attacker to execute a malicious code by having legitimate users open a specially crafted project file, which could result in...
CVE-2023-5247
CVE-2023-5247 involves external control of a file name or path in Mitsubishi Electric FA Engineering Software Products (GX Works3, MELSOFT iQ AppPortal, MELSOFT Navigator, Motion Control Setting). Technical details from connected sources show a malicious-code-execution risk when legitimate users ...
Code injection
SpringbootCMS 1.0 foreground message can be embedded malicious code saved in the database. When users browse the comments, these malicious codes embedded in the HTML will be executed, and the user's browser will be controlled by the attacker, so as to achieve the special purpose of the attacker,...