96 matches found
EUVD-2023-45548
Malicious code in bioql PyPI...
EUVD-2022-52408
Malicious code in bioql PyPI...
EUVD-2024-51117
Malicious code in bioql PyPI...
EUVD-2021-6796
Malicious code in bioql PyPI...
EUVD-2024-16437
Malicious code in bioql PyPI...
CVE-2025-26186
SQL Injection vulnerability in openSIS v.9.1 allows a remote attacker to execute arbitrary code via the id parameter in Ajax.php...
CVE-2025-49672
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network...
CVE-2025-49670
Technical details about CVE-2025-49670 (affected software, root cause, impact, and fixes) are not provided in the connected documents; only the initial description is available. Monitor for updates to obtain concrete vulnerability specifics.
CVE-2025-33066
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network...
CVE-2025-31104
FortiADC is affected by CVE-2025-31104 due to OS command injection (CWE-78) from improper neutralization of special elements in crafted HTTP requests. Affected versions include FortiADC 6.1, 6.2, and 7.0 through 7.6.1 (encompassing 7.0, 7.1.0–7.1.4, 7.2.0–7.2.7, 7.4.0–7.4.6, and 7.6.0–7.6.1). An ...
CVE-2024-25753
Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42multi allows a remote attacker to execute arbitrary code via the formSetDeviceName function...
CVE-2023-51801
SQL Injection vulnerability in the Simple Student Attendance System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the id parameter in the studentform.php and the classform.php pages...
CVE-2023-30787
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/introductions endpoint and firstmetadditionalinfo parameter...
CVE-2023-46581
SQL injection vulnerability in Inventory Management v.1.0 allows a local attacker to execute arbitrary code via the name, uname and email parameters in the registration.php component...
CVE-2022-46360
Out-of-bounds read vulnerability in V-SFT v6.1.7.0 and earlier and TELLUS v4.0.12.0 and earlier allows a local attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file...
CVE-2022-43448
Out-of-bounds write vulnerability in V-SFT v6.1.7.0 and earlier and TELLUS v4.0.12.0 and earlier allows a local attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file...
CVE-2022-3742
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper buffer validation...
CVE-2020-21268
Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote attacker to execute arbitrary code via the lastComment parameter...
CVE-2020-20413
SQL injection vulnerability found in WUZHICMS v.4.1.0 allows a remote attacker to execute arbitrary code via the checktitle function in admin/content.php...
CVE-2019-17556
Apache Olingo versions 4.0.0 to 4.6.0 provide the AbstractService class, which is public API, uses ObjectInputStream and doesn't check classes being deserialized. If an attacker can feed malicious metadata to the class, then it may result in running the attacker's code in the worst case...