Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the comment_state parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
RCE
Movable Type
NVD
CVSS 2.0
7.5
EPSS
2.3%
SVM in Websense TRITON V-Series appliances before 8.0.0 allows attackers to upload arbitrary files via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Information Disclosure
V Series Appliances
NVD
CVSS 2.0
7.5
EPSS
0.4%