Apache Tomcat Path Equivalence - Remote Code Execution

Path Equivalence- 'file.Name' Internal Dot leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. id: CVE-2025-24813 info: name: Apache Tomcat Path Equivalence - Remote Code Execution...

WP Time Capsule Plugin - Remote Code Execution

The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. This makes it possible for unauthenticat...

SimpleHelp <= 5.5.7 - Unauthenticated Path Traversal

SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files include server configuration files containing...

DotNetNuke 07.04.00 - Administration Authentication Bypass

The installation wizard in DotNetNuke DNN before 7.4.1 allows remote attackers to reinstall the application and gain SuperUser access via a direct request to Install/InstallWizard.aspx. id: CVE-2015-2794 info: name: DotNetNuke 07.04.00 - Administration Authentication Bypass author: 0xr2r severity...

Apache ActiveMQ - Remote Code Execution

Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy permits exec operations o...

Sophos Web Appliance - Remote Code Execution

A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code. id: CVE-2023-1671 info: name: Sophos Web Appliance - Remote Code Execution author: Co5mos severity: critical description: | A pre-auth...

Ivanti ICS - Authentication Bypass

An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. id: CVE-2023-46805 info: name: Ivanti ICS - Authentication Bypass author: DhiyaneshDK,daffainfo,geeknik...

VMware Aria Operations for Networks - Remote Code Execution

Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution. id:...

Apache OFBiz - Remote Code Execution

Apache OFBiz below 18.12.16 is vulnerable to unauthenticated remote code execution on Linux and Windows. An attacker with no valid credentials can exploit missing view authorization checks in the web application to execute arbitrary code on the server id: CVE-2024-45195 info: name: Apache OFBiz -...

LG Simple Editor <= v3.21.0 - Command Injection

LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...

SolarWinds Web Help Desk < 2026.1 - Unauthenticated JNDI Injection RCE

SolarWinds Web Help Desk before version 2026.1 contains an insecure deserialization vulnerability in the jabsorb JSON-RPC library. When chained with a CSRF whitelist bypass CVE-2025-40536, remote unauthenticated attackers can exploit JNDI injection via the Apache Xalan JNDIConnectionPool class to...

XWiki Platform - Remote Code Execution

Any guest can perform arbitrary remote code execution through a request to SolrSearch. This impacts the confidentiality, integrity, and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 15.10.11, 16.4.1, and 16.5.0RC1. id: CVE-2025-24893 info: name: XWiki...

Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal

Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software are susceptible to directory traversal vulnerabilities that could allow an unauthenticated, remote attacker to obtain read and delete access to sensitive files on a targeted system. id: CVE-2020-3187...

Oracle Weblogic Server - Remote Command Execution

Oracle WebLogic Server contains an easily exploitable remote command execution vulnerability which allows unauthenticated attackers with network access via HTTP to compromise the server. id: CVE-2020-14882 info: name: Oracle Weblogic Server - Remote Command Execution author: dwisiswant0 severity:...

DrayTek - Remote Code Execution

DrayTek Vigor2960 1.3.1Beta, Vigor3900 1.4.4Beta, and Vigor300B 1.3.3Beta, 1.4.2.1Beta, and 1.4.4Beta devices allow remote code execution as root without authentication via shell metacharacters to the cgi-bin/mainfunction.cgi URI. id: CVE-2020-8515 info: name: DrayTek - Remote Code Execution...

Apache Airflow <=1.10.10 - Remote Code Execution

Apache Airflow versions 1.10.10 and below are vulnerable to remote code/command injection vulnerabilities in one of the example DAGs shipped with Airflow. This could allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler depending on the executor in us...

Qlik Sense Enterprise - HTTP Request Smuggling

An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunnelin...

Ivanti Endpoint Manager Mobile (EPMM) - Authentication Bypass

Ivanti Endpoint Manager Mobile EPMM, formerly MobileIron Core, through 11.10 allows remote attackers to obtain PII, add an administrative account, and change the configuration because of an authentication bypass, as exploited in the wild in July 2023. A patch is available. id: CVE-2023-35078 info...

Worpress Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution

The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. This is due to an attacker being able to control the values passed to an include, and subsequently leverage that to achieve remote...

FreePBX - Remote Code Execution

FreePBX 15, 16, and 17 contain a remote code execution caused by insufficiently sanitized user-supplied data in endpoints, letting unauthenticated attackers manipulate the database and execute code remotely, exploit requires no authentication. id: CVE-2025-57819 info: name: FreePBX - Remote Code...