Lucene search
K

10849 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:41 a.m.9 views

CVE-1999-0669

The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy...

4CVSS7.9AI score0.0912EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:28 a.m.6 views

CVE-2019-12811

ActiveX Control in MyBuilder before 6.2.2019.814 allow an attacker to execute arbitrary command via the ShellOpen method. This can be leveraged for code execution...

9.8CVSS7.9AI score0.0216EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2025/12/17 12:0 a.m.205 views

📄 FastAPI‑Based Delivery Server Proof of Concept

This proof of concept demonstrates how legacy ActiveX objects in Internet Explorer can be invoked automatically when a crafted HTML payload is delivered by a minimal HTTP server. The proof of concept shows automatic execution attempts using WScript.Shell and Shell.Application without additional...

7.8CVSS6.9AI score0.01466EPSS
Exploits5
RedhatCVE
RedhatCVE
added 2025/12/10 9:16 p.m.4 views

CVE-2021-47705

COMMAX UMS Client ActiveX Control 1.7.0.2 contains a heap-based buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit improper boundary validation in CNCCtrl.dll to cause heap...

8.7CVSS8.4AI score0.00447EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 9:31 p.m.6 views

EUVD-2021-34734

COMMAX UMS Client ActiveX Control 1.7.0.2 contains a heap-based buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit improper boundary validation in CNCCtrl.dll to cause heap...

8.7CVSS7.9AI score0.00447EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/09 9:31 p.m.7 views

EUVD-2021-34726

COMMAX WebViewer ActiveX Control 2.1.4.5 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit boundary errors in CommaxWebViewer.ocx to cause buffer overflow condition...

8.7CVSS8.1AI score0.00409EPSS
Exploits0References5
NVD
NVD
added 2025/12/09 9:15 p.m.5 views

CVE-2021-47705

COMMAX UMS Client ActiveX Control 1.7.0.2 contains a heap-based buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit improper boundary validation in CNCCtrl.dll to cause heap...

8.7CVSS0.00447EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/09 8:41 p.m.21 views

CVE-2021-47719 CNC_Ctrl DllUnregisterServer f5501 Access Violation

COMMAX WebViewer ActiveX Control 2.1.4.5 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit boundary errors in CommaxWebViewer.ocx to cause buffer overflow condition...

8.7CVSS0.00409EPSS
Exploits0References4
CVE
CVE
added 2025/12/09 8:41 p.m.13 views

CVE-2021-47719

CVE-2021-47719 affects COMMAX WebViewer ActiveX Control 2.1.4.5. The root cause is a buffer overflow in Commax_WebViewer.ocx triggered by processing excessively long string arrays across multiple functions, enabling potentially arbitrary code execution. Documents consistently describe boundary er...

8.7CVSS8.2AI score0.00409EPSS
Exploits0References4
CVE
CVE
added 2025/12/09 8:37 p.m.15 views

CVE-2021-47705

The vulnerability CVE-2021-47705 affects COMMAX UMS Client ActiveX Control 1.7.0.2. The root cause is a heap-based buffer overflow in CNC_Ctrl.dll, resulting from improper boundary validation. An attacker can supply excessively long string arrays through multiple functions to trigger heap corrupt...

8.7CVSS8.1AI score0.00447EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/09 8:37 p.m.21 views

CVE-2021-47705 CNC_Ctrl DllUnregisterServer Access Violation

COMMAX UMS Client ActiveX Control 1.7.0.2 contains a heap-based buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit improper boundary validation in CNCCtrl.dll to cause heap...

8.7CVSS0.00447EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.5 views

PT-2025-50235

Name of the Vulnerable Software and Affected Versions COMMAX UMS Client ActiveX Control version 1.7.0.2 Description The COMMAX UMS Client ActiveX Control contains a heap-based buffer overflow issue. An attacker can execute arbitrary code by supplying overly long string arrays through multiple...

8.7CVSS8AI score0.00447EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.5 views

COMMAX WebViewer ActiveX Control 缓冲区错误漏洞

COMMAX WebViewer ActiveX Control is a browser plug-in from the Korean company COMMAX. A buffer error vulnerability exists in COMMAX WebViewer ActiveX Control version 2.1.4.5, which stems from a buffer overflow issue in CommaxWebViewer.ocx that could lead to the execution of arbitrary code...

8.7CVSS7.3AI score0.00409EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/11/13 11:8 p.m.4 views

CVE-2022-4983

TEC-IT TBarCode version 11.15 contains a vulnerability in the TBarCode11.ocx ActiveX/OCX control's licensing handling INI-file based that can be abused to cause remote creation of files on the host filesystem. Depending on where files can be created and which filenames are allowed, this can allow...

6.9CVSS7.6AI score0.00341EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/13 11:8 p.m.5 views

CVE-2017-20211

UCanCode E-XD++ Visualization Enterprise Suite contains an untrusted pointer dereference vulnerability via the TKDRAWCAD.TKDrawCADCtrl.1 ActiveX control. This is because it exposes a RotateShape method that dereferences a user-supplied pointer without sufficient validation. A crafted input may...

8.6CVSS7.9AI score0.00662EPSS
Exploits0References1
NVD
NVD
added 2025/11/12 10:15 p.m.6 views

CVE-2022-4983

TEC-IT TBarCode version 11.15 contains a vulnerability in the TBarCode11.ocx ActiveX/OCX control's licensing handling INI-file based that can be abused to cause remote creation of files on the host filesystem. Depending on where files can be created and which filenames are allowed, this can allow...

6.9CVSS0.00341EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/12 10:6 p.m.3 views

CVE-2022-4983 TEC-IT TBarCode SDK 11.15 Remote File Create

TEC-IT TBarCode version 11.15 contains a vulnerability in the TBarCode11.ocx ActiveX/OCX control's licensing handling INI-file based that can be abused to cause remote creation of files on the host filesystem. Depending on where files can be created and which filenames are allowed, this can allow...

6.9CVSS7.2AI score0.00341EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/12 10:5 p.m.3 views

CVE-2017-20211 UCanCode E-XD++ Visualization Enterprise Suite Untrusted Pointer Dereference RCE

UCanCode E-XD++ Visualization Enterprise Suite contains an untrusted pointer dereference vulnerability via the TKDRAWCAD.TKDrawCADCtrl.1 ActiveX control. This is because it exposes a RotateShape method that dereferences a user-supplied pointer without sufficient validation. A crafted input may...

8.6CVSS7.5AI score0.00662EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/12 12:0 a.m.6 views

PT-2025-46727

UCanCode E-XD++ Visualization Enterprise Suite contains an untrusted pointer dereference vulnerability via the TKDRAWCAD.TKDrawCADCtrl.1 ActiveX control. This is because it exposes a RotateShape method that dereferences a user-supplied pointer without sufficient validation. A crafted input may...

8.6CVSS7.9AI score0.00662EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/12 12:0 a.m.5 views

PT-2025-46731

Name of the Vulnerable Software and Affected Versions TEC-IT TBarCode version 11.15 Description The TBarCode11.ocx ActiveX/OCX control in version 11.15 has a flaw in its licensing handling, which relies on INI-files. This can be exploited to remotely create files on the host filesystem. Depending...

6.9CVSS7.1AI score0.00341EPSS
Exploits0References4
Rows per page
Query Builder