120835 matches found
CVE-2023-25212
Tenda AC5 USAC5V1.0RTLV15.03.06.28 was discovered to contain a stack overflow via the fromSetWirelessRepeat function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
CVE-2023-25313
OS injection vulnerability in World Wide Broadcast Network AVideo version before 12.4, allows attackers to execute arbitrary code via the video link field to the Embed a video link feature...
CVE-2023-25214
Tenda AC5 USAC5V1.0RTLV15.03.06.28 was discovered to contain a stack overflow via the setSchedWifi function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
CVE-2023-25344
An issue was discovered in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to execute arbitrary code via crafted Object.prototype anonymous function...
CVE-2023-25210
Tenda AC5 USAC5V1.0RTLV15.03.06.28 was discovered to contain a stack overflow via the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
CVE-2023-25215
Tenda AC5 USAC5V1.0RTLV15.03.06.28 was discovered to contain a stack overflow via the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
CVE-2023-25220
Tenda AC5 USAC5V1.0RTLV15.03.06.28 was discovered to contain a stack overflow via the addwhitenode function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
CVE-2023-25309
Cross Site Scripting XSS Vulnerability in Fetlife rollout-ui version 0.5, allows attackers to execute arbitrary code via a crafted url to the delete a feature functionality...
CVE-2023-25211
Tenda AC5 USAC5V1.0RTLV15.03.06.28 was discovered to contain a stack overflow via the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
CVE-2023-25365
Cross Site Scripting vulnerability found in October CMS v.3.2.0 allows local attacker to execute arbitrary code via the file type .mp3...
CVE-2023-25219
Tenda AC5 USAC5V1.0RTLV15.03.06.28 was discovered to contain a stack overflow via the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
CVE-2023-25240
An improper SameSite Attribute vulnerability in pimCore v10.5.15 allows attackers to execute arbitrary code...
CVE-2023-43357
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the Manage Shortcuts component...
CVE-2023-43825
Relative path traversal vulnerability in Shihonkanri Plus Ver9.0.3 and earlier allows a local attacker to execute an arbitrary code by having a legitimate user import a specially crafted backup file of the product...
CVE-2023-43878
Rite CMS 3.0 has Multiple Cross-Site scripting XSS vulnerabilities that allow attackers to execute arbitrary code via a crafted payload into the Main Menu Items in the Administration Menu...
CVE-2023-43896
A buffer overflow in Macrium Reflect 8.1.7544 and below allows attackers to escalate privileges or execute arbitrary code...
CVE-2023-43344
Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component...
CVE-2023-43838
An arbitrary file upload vulnerability in Personal Management System v1.4.64 allows attackers to execute arbitrary code via uploading a crafted SVG file into a user profile's avatar...
CVE-2023-43295
Cross Site Request Forgery vulnerability in Click Studios SA Pty Ltd Passwordstate v.Build 9785 and before allows a local attacker to execute arbitrary code via a crafted request...
CVE-2023-43354
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Profiles parameter in the Extensions -MicroTiny WYSIWYG editor component...