CVE-2024-38319 IBM Security SOAR code execution

IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded from a specially crafted script. IBM X-Force ID: 294830...

Adobe Commerce Security Bypass Vulnerability

Adobe Commerce is the United States of America Odobie Adobe company of a business and brand-oriented digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to trigger a specially crafted script to bypass security features...

CVE-2021-20717

Cross-site scripting vulnerability in EC-CUBE 4.0.0 to 4.0.5 allows a remote attacker to inject a specially crafted script in the specific input field of the EC web site which is created using EC-CUBE. As a result, it may lead to an arbitrary script execution on the administrator's web browser...

Cross site scripting

Cross-site scripting vulnerability in EC-CUBE 4.0.0 to 4.0.5 allows a remote attacker to inject a specially crafted script in the specific input field of the EC web site which is created using EC-CUBE. As a result, it may lead to an arbitrary script execution on the administrator's web browser...

Windows Print Spooler Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs...

Restriction Bypass

Perl is vulnerable to Restriction Bypass. The Safe module did not properly restrict the code of implicitly called methods such as DESTROY and AUTOLOAD on implicitly blessed objects returned as a result of unsafe code evaluation. These methods could have been executed unrestricted by Safe when suc...

Windows UPnP Service Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play UPnP service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs;...

GLSA-201903-02 : Zsh: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201903-02 Zsh: User-assisted execution of arbitrary code Two input validation errors have been discovered in how Zsh parses scripts: Parsing a malformed shebang line could cause Zsh to call a program listed in the second line...

Medium: R

Issue Overview: An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this...