1503 matches found
CVE-2023-51887
Command Injection vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via crafted string in application URL...
CVE-2023-6288
Code injection in Remote Desktop Manager 2023.3.9.3 and earlier on macOS allows an attacker to execute code via the DYLIBINSERTLIBRARIES environment variable...
CVE-2023-6071
An Improper Neutralization of Special Elements used in a command vulnerability in ESM prior to version 11.6.9 allows a remote administrator to execute arbitrary code as root on the ESM. This is possible as the input isn't correctly sanitized when adding a new data source...
CVE-2023-33220
During the retrofit validation process, the firmware doesn't properly check the boundaries while copying some attributes to check. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device...
CVE-2023-37177
SQL Injection vulnerability in PMB Services PMB v.7.4.7 and before allows a remote unauthenticated attacker to execute arbitrary code via the query parameter in the /admin/convert/exportz3950.php endpoint...
CVE-2023-22505
This High severity RCE Remote Code Execution vulnerability known as CVE-2023-22505 was introduced in version 8.0.0 of Confluence Data Center & Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8, allows an authenticated attacker to execute arbitrary code which has high...
CVE-2023-46300
iTerm2 before 3.4.20 allow potentially remote code execution because of mishandling of certain escape sequences related to tmux integration...
CVE-2023-30899
A vulnerability has been identified in Siveillance Video 2020 R2 All versions V20.2 HotfixRev14, Siveillance Video 2020 R3 All versions V20.3 HotfixRev12, Siveillance Video 2021 R1 All versions V21.1 HotfixRev12, Siveillance Video 2021 R2 All versions V21.2 HotfixRev8, Siveillance Video 2022 R1 A...
CVE-2023-6016
An attacker is able to gain remote code execution on a server hosting the H2O dashboard through it's POJO model import feature...
CVE-2023-44813
Cross Site Scripting XSS vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the mode parameter of the invite friend login function...
CVE-2023-44008
File Upload vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the File Manager function...
CVE-2023-46480
An issue in OwnCast v.0.1.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via the authHost parameter of the indieauth function...
CVE-2023-46468
An issue in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted file to the custom plugin function...
CVE-2023-33653
Sitecore Experience Platform XP v9.3 was discovered to contain an authenticated remote code execution RCE vulnerability via the component /Applications/Content%20Manager/Execute.aspx?cmd=convert=HTML...
CVE-2023-30349
JFinal CMS v5.1.0 was discovered to contain a remote code execution RCE vulnerability via the ActionEnter function...
CVE-2023-30130
An issue found in CraftCMS v.3.8.1 allows a remote attacker to execute arbitrary code via a crafted script to the Section parameter...
CVE-2023-29963
S-CMS v5.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the component /admin/ajax.php...
CVE-2023-27821
Databasir v1.0.7 was discovered to contain a remote code execution RCE vulnerability via the mockDataScript parameter...
CVE-2023-41005
An issue in Pagekit pagekit v.1.0.18 alows a remote attacker to execute arbitrary code via thedownloadAction and updateAction functions in UpdateController.php...
CVE-2023-51073
An issue in Buffalo LS210D v.1.78-0.03 allows a remote attacker to execute arbitrary code via the Firmware Update Script at /etc/init.d/updatenotifications.sh...