Lucene search
K

206205 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:37 p.m.4 views

CVE-2023-50136

Cross Site Scripting XSS vulnerability in JFinalcms 5.0.0 allows attackers to run arbitrary code via the name field when creating a new custom table...

5.4CVSS6.1AI score0.00408EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:37 p.m.6 views

CVE-2023-50895

In Janitza GridVis through 9.0.66, exposed dangerous methods in the de.janitza.pasw.project.server.ServerDatabaseProject project load functionality allow remote authenticated administrative users to execute arbitrary Groovy code...

7.2CVSS7.4AI score0.0066EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:36 p.m.7 views

CVE-2023-49046

Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the devName parameter in the function formAddMacfilterRule...

9.8CVSS7.9AI score0.01407EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:36 p.m.7 views

CVE-2023-49442

Deserialization of Untrusted Data in jeecgFormDemoController in JEECG 4.0 and earlier allows attackers to run arbitrary code via crafted POST request...

9.8CVSS7.4AI score0.38549EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:35 p.m.10 views

CVE-2023-49114

A DLL hijacking vulnerability was identified in the Qognify VMS Client Viewer version 7.1 or higher, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL, if some specific pre-conditions are met...

6.7CVSS7.5AI score0.00359EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:35 p.m.9 views

CVE-2023-45885

Cross Site Scripting XSS vulnerability in NASA Open MCT aka openmct through 3.1.0 allows attackers to run arbitrary code via the new component feature in the flexibleLayout plugin...

5.4CVSS6.1AI score0.00445EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:35 p.m.5 views

CVE-2023-45311

fsevents before 1.2.11 depends on the https://fsevents-binaries.s3-us-west-2.amazonaws.com URL, which might allow an adversary to execute arbitrary code if any JavaScript project that depends on fsevents distributes code that was obtained from that URL at a time when it was controlled by an...

9.8CVSS7.7AI score0.01535EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:35 p.m.6 views

CVE-2023-45252

DLL Hijacking vulnerability in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, due to the installation of the service in a directory that grants write privileges to standard users, allows attackers to manipulate files, execute arbitrary code, and escalate privileges...

7.8CVSS7.8AI score0.00316EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.5 views

CVE-2023-45352

Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated attacker to execute arbitrary code on the operating system via a Common Management Portal web interface Path traversal vulnerability allowing write access outside the intended folders. This...

8.8CVSS7.7AI score0.00811EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.6 views

CVE-2023-45354

Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated remote attacker to execute arbitrary code on the operating system by using the Common Management Portal web interface. This is also known as OCMP-6589...

8.8CVSS7.8AI score0.00904EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.5 views

CVE-2023-31873

Gin 0.7.4 allows execution of arbitrary code when a crafted file is opened, e.g., via require'childprocess'...

7.8CVSS7.4AI score0.01349EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.12 views

CVE-2023-31936

Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-pass-detail.php file...

7.2CVSS8.1AI score0.0107EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:33 p.m.6 views

CVE-2023-31415

Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of t...

9.9CVSS7.8AI score0.00957EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:33 p.m.8 views

CVE-2023-31239

Stack-based buffer overflow vulnerability in V-Server v4.0.15.0 and V-Server Lite v4.0.15.0 and earlier allows an attacker to execute arbitrary code by having user open a specially crafted VPR file...

7.8CVSS8.1AI score0.00266EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:33 p.m.7 views

CVE-2023-31932

Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-enquiry.php file...

7.2CVSS8.1AI score0.0107EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:33 p.m.4 views

CVE-2023-31985

A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NSv4 allows attacker to execute arbitrary code via the formAccept function in /bin/webs without any limitations...

9.8CVSS8.2AI score0.08078EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:33 p.m.5 views

CVE-2023-31806

Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the My Progress function...

5.4CVSS6.7AI score0.00415EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:33 p.m.6 views

CVE-2023-31874

Yank Note YN 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire'childprocess'...

8.8CVSS7.5AI score0.04898EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:32 p.m.5 views

CVE-2023-31807

Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the personal notes function...

5.4CVSS6.7AI score0.00415EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:32 p.m.7 views

CVE-2023-31986

A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NSv4 allows attacker to execute arbitrary code via the setWAN function in /bin/webs without any limitations...

9.8CVSS8.1AI score0.08184EPSS
Exploits1References1
Rows per page
Query Builder