1010 matches found
CVE-2020-37066
GoldWave 5.70 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting malicious input in the File Open URL dialog. Attackers can generate a specially crafted text file with Unicode-encoded shellcode to trigger a stack-based overflow and execute command...
CVE-2026-1284
An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file...
CVE-2023-43838
An arbitrary file upload vulnerability in Personal Management System v1.4.64 allows attackers to execute arbitrary code via uploading a crafted SVG file into a user profile's avatar...
CVE-2021-33361
Memory leak in the afraboxread function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file...
CVE-2022-35904
An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an IFC file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within...
CVE-2019-20632
An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gfodfdeletedescriptor in odf/descprivate.c that can cause a denial of service via a crafted MP4 file...
CVE-2024-34909
An arbitrary file upload vulnerability in KYKMS v1.0.1 and below allows attackers to execute arbitrary code via uploading a crafted PDF file...
CVE-2023-45588
An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...
CVE-2021-31516
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Vector 35 Binary Ninja 2.3.2660 Build ID 88f343c3. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fla...
CVE-2022-42420
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
Exploit for CVE-2024-45427
CVE-2024-45427 Exploit Generator This script generates a malic...
CVE-2022-27824
Improper size check of in sapefdparsemetaDESCRIPTION function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file...
CVE-2023-53889 Perch CMS 3.2 Remote Code Execution via Unrestricted File Upload
Perch CMS 3.2 contains a remote code execution vulnerability that allows authenticated administrators to upload arbitrary PHP files through the assets management interface. Attackers can upload a malicious .phar file with embedded system command execution capabilities to execute arbitrary command...
PT-2025-46444
Name of the Vulnerable Software and Affected Versions InCopy versions 20.5, 19.5.5 and earlier Description InCopy versions 20.5, 19.5.5 and earlier are susceptible to a Use After Free issue, potentially allowing arbitrary code execution with the privileges of the current user. Successful...
EUVD-2025-34474
Dimension versions 4.1.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user...
GHSA-H6M2-R6H9-4C44 BBOT's insufficient sanitization issues in gitdumper.py can lead to RCE
Summary bbot's gitdumper.py insufficiently sanitises a .git/config file, leading to Remote Code Execution RCE. bbot's gitdumper.py can be made to consume a malicious .git/index file, leading to arbitrary file write which can be used to achieve Remote Code Execution RCE. Impact A user who uses bbo...
EUVD-2017-6056
Malware in sbrugna...
EUVD-2005-3659
Malware in sbrugna...
EUVD-2017-3839
Malware in sbrugna...
EUVD-2011-2818
Malware in sbrugna...