Remote Code Execution (RCE)

org.apache.hive, hive-exec is vulnerable to Remote Code Execution RCE. The vulnerability is due to the unsafe deserialization of arbitrary data using the SerializationUtilitiesdeserializeObjectWithTypeInformation method, which allows attackers to execute arbitrary code if they are authenticated a...

Adobe Experience Manager Input Validation Error Vulnerability (CNVD-2025-16240)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. An inp...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-02451)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Siemens Solid Edge SSA-730188 Integer Underflow Vulnerability

The version of Siemens Solid Edge installed on the remote Windows host is prior to 224.00.10.04. It is, therefore, affected by integer underflow vulnerability which can be triggered while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the curre...

Command Execution Vulnerability in JeeSite of Jinan Zhuoyuan Software Co.

JeeSite is a Java rapid development platform based on Spring Boot, Spring Cloud, MyBatis, Shiro, Beetl and Bootstrap. There is a command execution vulnerability in JeeSite, which can be exploited by an attacker to gain server privileges...

Siemens Parasolid Out-of-Bounds Write Vulnerability (CNVD-2024-47906)

Siemens Parasolid is a 3D geometric modeling tool that supports a variety of techniques including solid modeling, direct editing and free-form surface/drawing modeling. An out-of-bounds write vulnerability exists in Siemens Parasolid, which can be exploited by an attacker to execute code in the...

Veritas Enterprise Vault Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Veritas Enterprise Vault. Authentication is required to exploit this vulnerability. The specific flaw exists within the EVFileSvrArcMngr service. The issue results from the lack of proper...

CVE-2024-52831 Adobe Experience Manager | Improper Input Validation (CWE-20)

Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Input Validation vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and affect the integrity of the page. Exploitatio...

CVE-2024-53001 Substance3D - Modeler | Out-of-bounds Write (CWE-787)

Substance3D - Modeler versions 1.14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-52984 Animate | Integer Underflow (Wrap or Wraparound) (CWE-191)

Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-49551

CVE-2024-49551 affects Adobe Media Encoder versions 25.0 and 24.6.3 and earlier, with an out-of-bounds write that could allow arbitrary code execution in the user’s context. Exploitation requires the victim to open a malicious file (user interaction). Connected sources also reference related CVEs...

CVE-2024-49142 Microsoft Access Remote Code Execution Vulnerability

...

CVE-2024-49115 Windows Remote Desktop Services Remote Code Execution Vulnerability

...

CVE-2024-49108 Windows Remote Desktop Services Remote Code Execution Vulnerability

...

CVE-2024-49108

CVE-2024-49108 is a Windows Remote Desktop Services remote code execution vulnerability. According to the connected advisories, it is rated high severity (CVSSv3.1 base 8.1) with network access required and no user interaction, and the impact is execution of arbitrary code with high confidentiali...

CVE-2024-49070 Microsoft SharePoint Remote Code Execution Vulnerability

...

CVE-2024-53041

A vulnerability has been identified in Teamcenter Visualization V14.2 All versions V14.2.0.14, Teamcenter Visualization V14.3 All versions V14.3.0.12, Teamcenter Visualization V2312 All versions V2312.0008, Tecnomatix Plant Simulation V2302 All versions V2302.0016, Tecnomatix Plant Simulation V24...

Windows Remote Desktop Services Remote Code Execution Vulnerability

...

Microsoft Windows Remote Desktop Services 安全漏洞

Microsoft Windows Remote Desktop Services is a collection of features from Microsoft USA that allow users to remotely access graphical desktops and Windows applications. A remote code execution vulnerability exists in Microsoft Windows Remote Desktop Services, which is caused by a flaw in the...

KB5048652: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (December 2024)

The remote Windows host is missing security update 5048652. It is, therefore, affected by multiple vulnerabilities - Windows Kernel-Mode Driver Elevation of Privilege Vulnerability CVE-2024-49074 - Input Method Editor IME Remote Code Execution Vulnerability CVE-2024-49079 - Windows Common Log Fil...