4290 matches found
CVE-2023-43358
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the News Menu component...
CVE-2023-50445
Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7., allows local attackers to execute arbitrary code via the getsystemlog and...
CVE-2023-31803
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the resource sequencing parameters...
CVE-2018-9333
K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code local. The component is: K7TSMngr.exe...
CVE-2018-9428
In startDevice of AAudioServiceStreamBase.cpp there is a possible out of bounds write due to a use after free. This could lead to local arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2001-1553
Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, could allow local users to execute arbitrary code via long command line options 1 socksserver, 2 socksuser, and 3 sockspasswd. NOTE: since the default configuration of setiathome is not setuid, perhaps this issue should not be...
CVE-2001-1576
Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument...
CVE-2021-22775
A CWE-427: Uncontrolled Search Path Element vulnerability exists in GP-Pro EX,V4.09.250 and prior, that could cause local code execution with elevated privileges when installing the software...
CVE-2022-23449
A vulnerability has been identified in SIMATIC Energy Manager Basic All versions V7.3 Update 1, SIMATIC Energy Manager PRO All versions V7.3 Update 1. A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the...
CVE-2022-37184
The application managewebsite.php on Garage Management System 1.0 is vulnerable to Shell File Upload. The already authenticated malicious user, can upload a dangerous RCE or LCE exploit file...
CVE-2022-37009
In JetBrains IntelliJ IDEA before 2022.2 local code execution via a Vagrant executable was possible...
CVE-2022-26503
Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x allows local users to run arbitrary code with local system privileges...
CVE-2019-2112
In several functions of alarm.cc, there is possible memory corruption due to a use after free. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9...
CVE-2022-37396
In JetBrains Rider before 2022.2 Trust and Open Project dialog could be bypassed, leading to local code execution...
CVE-2024-34622
Out-of-bounds write in appending paragraph in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege...
CVE-2026-20971
Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code...
CVE-2026-20971
Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code...
CVE-2026-20968
Use after free in DualDAR prior to SMR Jan-2026 Release 1 allows local privileged attackers to execute arbitrary code...
CVE-2026-20971
Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code...
CVE-2026-20971
Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code...