CVE-2022-31084

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 There are cases where LAM instantiates objects from arbitrary classes. An attacker can inject the first constructor argument. This can lead to cod...

CVE-2022-0354

A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released before 2022-02-25 that displays a command prompt window...

CVE-2020-7846

Helpcom before v10.0 contains a file download and execution vulnerability caused by storing hardcoded cryptographic key. It finally leads to a file download and execution via access to crafted web page...

CVE-2020-7806

Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary code execution vulnerability by using method supported by Xplatform ActiveX Control. It allows attacker to cause remote code execution...

CVE-2024-41170

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 All versions V2302.0015, Tecnomatix Plant Simulation V2404 All versions V2404.0004. The affected applications contain a stack based overflow vulnerability while parsing specially crafted SPP files. This could allow an attack...

CVE-2024-39602

An external config control vulnerability exists in the nas.cgi setnas functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

Soda PDF Desktop Code Execution Vulnerability (CNVD-2026-06108)

Soda PDF Desktop is a professional PDF processing software that integrates reading, editing, creating, converting and managing PDF documents. Soda PDF Desktop suffers from a code execution vulnerability that stems from allowing dangerous scripts to be executed when processing Word files without...

CVE-2022-27262

An arbitrary file upload vulnerability in the file upload module of Skipper v0.9.1 allows attackers to execute arbitrary code via a crafted file...

CVE-2022-27478

Victor v1.0 was discovered to contain a remote code execution RCE vulnerability via the component admin/profile.php?section=admin...

CVE-1999-0061

File creation and deletion, and remote execution, in the BSD line printer daemon lpd...

CVE-1999-0043

Command execution via shell metachars in INN daemon innd 1.5 using "newgroup" and "rmgroup" control messages, and others...

CVE-1999-0266

The info2www CGI script allows remote file access or remote command execution...

CVE-2019-7077

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution...

CVE-2019-16699

The srfreecap aka freeCap CAPTCHA extension 2.4.5 and below and 2.5.2 and below for TYPO3 fails to sanitize user input, which allows execution of arbitrary Extbase actions, resulting in Remote Code Execution...

CVE-2019-12165

MiCollab 7.3 PR2 7.3.0.204 and earlier, 7.2 7.2.2.13 and earlier, and 7.1 7.1.0.57 and earlier and MiCollab AWV 6.3 6.3.0.103, 6.2 6.2.2.8, 6.1 6.1.0.28, 6.0 6.0.0.61, and 5.0 5.0.5.7 have a Command Execution Vulnerability. Successful exploit of this vulnerability could allow an attacker to execu...

CVE-2025-1087

Kong Insomnia Desktop Application before 11.0.2 contains a template injection vulnerability that allows attackers to execute arbitrary code. The vulnerability exists due to insufficient validation of user-supplied input when processing template strings, which can lead to arbitrary JavaScript...

CVE-2025-1040

AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection SSTI that could lead to Remote Code Execution RCE. The vulnerability arises from the improper handling of user-supplied format strings in the AgentOutputBlock implementation, where malicious input is passed to t...

FNT Command 安全漏洞

FNT Command is a data center infrastructure management platform from FNT Germany. A security vulnerability exists in FNT Command version 13.4.0, which stems from a code execution vulnerability in the C Base Module...

Microsoft Excel Code Execution Vulnerability (CNVD-2025-30657)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

xbtitFM 代码问题漏洞

xbtitFM is a BitTorrent tracker software by the individual developer of xbtitFM. A code issue vulnerability exists in xbtitFM version 4.1.18, which stems from an insecure file upload in the filehosting function that could lead to the execution of arbitrary PHP code...