206166 matches found
CVE-2023-43825
Relative path traversal vulnerability in Shihonkanri Plus Ver9.0.3 and earlier allows a local attacker to execute an arbitrary code by having a legitimate user import a specially crafted backup file of the product...
CVE-2023-43878
Rite CMS 3.0 has Multiple Cross-Site scripting XSS vulnerabilities that allow attackers to execute arbitrary code via a crafted payload into the Main Menu Items in the Administration Menu...
CVE-2023-43896
A buffer overflow in Macrium Reflect 8.1.7544 and below allows attackers to escalate privileges or execute arbitrary code...
CVE-2023-43344
Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component...
CVE-2023-43838
An arbitrary file upload vulnerability in Personal Management System v1.4.64 allows attackers to execute arbitrary code via uploading a crafted SVG file into a user profile's avatar...
CVE-2023-43295
Cross Site Request Forgery vulnerability in Click Studios SA Pty Ltd Passwordstate v.Build 9785 and before allows a local attacker to execute arbitrary code via a crafted request...
CVE-2023-43341
Cross-site scripting XSS vulnerability in evolution evo v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected uid parameter...
CVE-2023-43354
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Profiles parameter in the Extensions -MicroTiny WYSIWYG editor component...
CVE-2023-43453
An issue in TOTOLINK X6000R V9.4.0cu.652B20230116 and V9.4.0cu.852B20230719 allows a remote attacker to execute arbitrary code via the IP parameter of the setDiagnosisCfg component...
CVE-2023-43884
A Cross-site scripting XSS vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter...
CVE-2023-29551
Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...
CVE-2023-29074
A maliciously crafted CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2023-29160
Stack-based buffer overflow vulnerability exists in FRENIC RHC Loader v1.1.0.3. If a user opens a specially crafted FNE file, sensitive information on the system where the affected product is installed may be disclosed or arbitrary code may be executed...
CVE-2023-29861
An issue found in FLIR-DVTEL version not specified allows a remote attacker to execute arbitrary code via a crafted request to the management page of the device...
CVE-2023-29689
PyroCMS 3.9 contains a remote code execution RCE vulnerability that can be exploited through a server-side template injection SSTI flaw. This vulnerability allows a malicious attacker to send customized commands to the server and execute arbitrary code on the affected system...
CVE-2023-29596
Buffer Overflow vulnerability found in ByronKnoll Cmix v.19 allows an attacker to execute arbitrary code and cause a denial of service via the paq8 function...
CVE-2023-29075
A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2023-29862
An issue found in Agasio-Camera device version not specified allows a remote attacker to execute arbitrary code via the check and authLevel parameters...
CVE-2023-29808
Cross Site Scripting XSS vulnerability in vogtmh cmaps companymaps 8.0 allows attackers to execute arbitrary code...
CVE-2023-50702
Sikka SSCWindowsService 5 2023-09-14 executes a program as LocalSystem but allows full control by low-privileged users and low-privileged users have write access to %PROGRAMDATA%\SSCService. Consequently, low-privileged users can execute arbitrary code as LocalSystem...