Lucene search
K

206166 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.14 views

CVE-2023-43825

Relative path traversal vulnerability in Shihonkanri Plus Ver9.0.3 and earlier allows a local attacker to execute an arbitrary code by having a legitimate user import a specially crafted backup file of the product...

7.8CVSS7.3AI score0.00318EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.8 views

CVE-2023-43878

Rite CMS 3.0 has Multiple Cross-Site scripting XSS vulnerabilities that allow attackers to execute arbitrary code via a crafted payload into the Main Menu Items in the Administration Menu...

5.4CVSS6.7AI score0.00488EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.12 views

CVE-2023-43896

A buffer overflow in Macrium Reflect 8.1.7544 and below allows attackers to escalate privileges or execute arbitrary code...

7.8CVSS8.2AI score0.00377EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.16 views

CVE-2023-43344

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component...

5.4CVSS6.2AI score0.00644EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.8 views

CVE-2023-43838

An arbitrary file upload vulnerability in Personal Management System v1.4.64 allows attackers to execute arbitrary code via uploading a crafted SVG file into a user profile's avatar...

7.8CVSS7.8AI score0.00576EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.9 views

CVE-2023-43295

Cross Site Request Forgery vulnerability in Click Studios SA Pty Ltd Passwordstate v.Build 9785 and before allows a local attacker to execute arbitrary code via a crafted request...

3.5CVSS7.6AI score0.0024EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.9 views

CVE-2023-43341

Cross-site scripting XSS vulnerability in evolution evo v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected uid parameter...

6.1CVSS6.2AI score0.00588EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:39 p.m.5 views

CVE-2023-43354

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Profiles parameter in the Extensions -MicroTiny WYSIWYG editor component...

5.4CVSS6.9AI score0.00461EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:39 p.m.7 views

CVE-2023-43453

An issue in TOTOLINK X6000R V9.4.0cu.652B20230116 and V9.4.0cu.852B20230719 allows a remote attacker to execute arbitrary code via the IP parameter of the setDiagnosisCfg component...

9.8CVSS7.9AI score0.01521EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:39 p.m.8 views

CVE-2023-43884

A Cross-site scripting XSS vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter...

5.4CVSS6AI score0.00396EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:39 p.m.6 views

CVE-2023-29551

Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

8.8CVSS7.4AI score0.00521EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:39 p.m.8 views

CVE-2023-29074

A maliciously crafted CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

9.8CVSS7.3AI score0.00991EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:39 p.m.6 views

CVE-2023-29160

Stack-based buffer overflow vulnerability exists in FRENIC RHC Loader v1.1.0.3. If a user opens a specially crafted FNE file, sensitive information on the system where the affected product is installed may be disclosed or arbitrary code may be executed...

7.8CVSS7.5AI score0.00226EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:39 p.m.6 views

CVE-2023-29861

An issue found in FLIR-DVTEL version not specified allows a remote attacker to execute arbitrary code via a crafted request to the management page of the device...

9.8CVSS7.9AI score0.01782EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:39 p.m.6 views

CVE-2023-29689

PyroCMS 3.9 contains a remote code execution RCE vulnerability that can be exploited through a server-side template injection SSTI flaw. This vulnerability allows a malicious attacker to send customized commands to the server and execute arbitrary code on the affected system...

9.8CVSS8.6AI score0.4111EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:38 p.m.4 views

CVE-2023-29596

Buffer Overflow vulnerability found in ByronKnoll Cmix v.19 allows an attacker to execute arbitrary code and cause a denial of service via the paq8 function...

7.8CVSS7.9AI score0.0033EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:38 p.m.10 views

CVE-2023-29075

A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

9.8CVSS7.3AI score0.00991EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:38 p.m.7 views

CVE-2023-29862

An issue found in Agasio-Camera device version not specified allows a remote attacker to execute arbitrary code via the check and authLevel parameters...

9.8CVSS7.9AI score0.01854EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:38 p.m.7 views

CVE-2023-29808

Cross Site Scripting XSS vulnerability in vogtmh cmaps companymaps 8.0 allows attackers to execute arbitrary code...

6.1CVSS6.2AI score0.0137EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:38 p.m.4 views

CVE-2023-50702

Sikka SSCWindowsService 5 2023-09-14 executes a program as LocalSystem but allows full control by low-privileged users and low-privileged users have write access to %PROGRAMDATA%\SSCService. Consequently, low-privileged users can execute arbitrary code as LocalSystem...

8.8CVSS7.8AI score0.0058EPSS
Exploits1References1
Rows per page
Query Builder