CVE-2011-4513

Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 aka TIA portal; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file,...

CVE-2019-15412

The Asus ZenFone 4 Selfie Android device with a build fingerprint of asus/WWZ01M/ASUSZ01M1:7.1.1/NMF26F/WW71.50.395.5720180913:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app versionCode=1570000020, versionName=7.0.0.4170901 that allows other...

CVE-2013-6040

MW6 Aztec, DataMatrix, and MaxiCode ActiveX controls before version 4.0 vulnerable to arbitrary code via a crafted HTML document. Latest versions 4.0 of MW6 Aztec, DataMatrix, and MaxiCode ActiveX controls have resolved the issue...

CVE-2019-9492

A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow an authenticated attacker to gain code execution and terminate the product's process - disabling endpoint protection. The attacker must have already gained authentication and have local access to the vulnerable...

CVE-2019-8179

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution...

CVE-2019-8246

Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution...

CVE-2019-7103

Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution...

CVE-2019-20504

service/krashrpt.php in Quest KACE K1000 Systems Management Appliance before 6.4 SP3 6.4.120822 allows a remote attacker to execute code via shell metacharacters in the kuid parameter...

CVE-2019-0847

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0851, CVE-2019-0877, CVE-2019-0879...

CVE-2019-19468

Free Photo Viewer 1.3 allows remote attackers to execute arbitrary code via a crafted BMP and/or TIFF file that triggers a malformed SEH, as demonstrated by a 0012ECB4 FreePhot.00425642 42200008 corrupt entry...

CVE-2019-5358

A remote code execution vulnerability was identified in HPE Intelligent Management Center IMC PLAT earlier than version 7.3 E0506P09...

CVE-2019-16737

The processCommandSetMac function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user...

CVE-2019-1010149

zzcms version 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: zzcms File Delete to Code Execution. The component is: user/licencesave.php...

CVE-2019-11972

A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center IMC PLAT earlier than version 7.3 E0506P09...

CVE-2019-10786

network-manager through 1.0.2 allows remote attackers to execute arbitrary commands via the "execSync" argument...

CVE-2019-1249

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241, CVE-2019-1242, CVE-2019-1243, CVE-2019-1246, CVE-2019-124...

CVE-2019-16732

Unencrypted HTTP communications for firmware upgrades in Petalk AI and PF-103 allow man-in-the-middle attackers to run arbitrary code as the root user...

CVE-2019-11979

A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center IMC PLAT earlier than version 7.3 E0506P09...

CVE-2019-10804

serial-number through 1.3.0 allows execution of arbritary commands. The "cmdPrefix" argument in serialNumber function is used by the "exec" function without any validation...

CVE-2019-10801

enpeem through 2.2.0 allows execution of arbitrary commands. The "options.dir" argument is provided to the "exec" function without any sanitization...