2841 matches found
CVE-2025-21291 Windows Direct Show Remote Code Execution Vulnerability
...
CVE-2025-21248 Windows Telephony Service Remote Code Execution Vulnerability
...
CVE-2025-21243 Windows Telephony Service Remote Code Execution Vulnerability
...
CVE-2025-21244 Windows Telephony Service Remote Code Execution Vulnerability
...
CVE-2025-21171 .NET Remote Code Execution Vulnerability
...
CVE-2024-39370
CVE-2024-39370 affects the Wavlink AC3000 M33A8.V5030.210505: the adm.cgi set_MeshAp() function is vulnerable to a buffer overflow via crafted POST data (e.g., wlan_ssid2), enabling arbitrary code execution after passing authentication. TALOS cites a CVSSv3.1 score of 9.1 (CRITICAL) with network ...
CVE-2024-47572
An improper neutralization of formula elements in a csv file in Fortinet FortiSOAR 7.2.1 through 7.4.1 allows attacker to execute unauthorized code or commands via manipulating csv file...
CVE-2024-54021
An Improper Neutralization of CRLF Sequences in HTTP Headers 'http response splitting' vulnerability CWE-113 in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 may allow a remote unauthenticated attacker to bypass the file filter via crafted HTTP headers...
January 14, 2025-Security and Quality Rollup for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2008 R2 SP1 (KB5050183)
January 14, 2025-Security and Quality Rollup for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2008 R2 SP1 KB5050183 Applies to: Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET...
Description of the security update for Access 2016: January 14, 2025 (KB5002670)
Description of the security update for Access 2016: January 14, 2025 KB5002670 Summary This security update resolves a Microsoft Access remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common Vulnerabilities and Exposures...
Microsoft Access Remote Code Execution Vulnerability
...
Microsoft Internet Explorer 安全漏洞
Microsoft Internet Explorer IE is a Web browser that comes with the Windows operating system from the American company Microsoft. A code execution vulnerability exists in Microsoft Internet Explorer due to a flaw in the Internet Explorer component. An attacker could exploit the vulnerability to...
Microsoft Office 安全漏洞
Microsoft Office OneNote is a set of tools for free-form information access and multi-user collaboration. A code execution vulnerability exists in Microsoft Office OneNote, which can be exploited by an attacker to execute arbitrary code on a system...
January 14, 2025-KB5050190 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Azure Stack HCI, version 22H2
January 14, 2025-KB5050190 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Azure Stack HCI, version 22H2 Release Date: January 14, 2025 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes the security and cumulative update for 3.5, 4.8 and 4.8.1 for Azure Stack...
CVE-2024-46210
An arbitrary file upload vulnerability in the MediaPool module of Redaxo CMS v5.17.1 allows attackers to execute arbitrary code via uploading a crafted file...
The vulnerability of the signer-package processor in Nucleus scanners allows a perpetrator to execute arbitrary code.
The vulnerability of the signer-package processor in Nuclei scanners exists because measures to neutralize special elements are not taken. Exploiting this vulnerability allows an attacker to execute arbitrary code by running a specially crafted template with user input...
CVE-2024-50603
An issue was discovered in Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996. Due to the improper neutralization of special elements used in an OS command, an unauthenticated attacker is able to execute arbitrary code. Shell metacharacters can be sent to /v1/api in cloudtype for...
CVE-2025-0247 Memory safety bugs fixed in Firefox 134 and Thunderbird 134
Memory safety bugs present in Firefox 133 and Thunderbird 133. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 134 and Thunderbird 134...
CVE-2022-45185
CVE-2022-45185 affects SuiteCRM 7.12.7. Authenticated users can upload malicious files through CRM functions, and Minecraft-like… sorry, deserialization can be used to achieve code execution. The Red Hat and OSV entries confirm the same description. The documented impact is high (CVE-3.1 base sco...
CVE-2024-13046
Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution vulnerability affects Ashlar-Vellum Cobalt. The flaw arises in CO file parsing due to inadequate validation of input data, causing a write past the end of an allocated buffer and enabling code execution in the target p...