Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to delete arbitrary files on the operating system by creating a symbolic link. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
`nuxt-api-party` is an open source module to proxy API requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
`nuxt-api-party` is an open source module to proxy API requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
PyInstaller bundles a Python application and all its dependencies into a single package. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A flaw was found in Quarkus. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.
OpenZeppelin Contracts is a library for smart contract development. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.