CVE-2024-50809

CVE-2024-50809 affects SDCMS 2.8 via a vulnerability in the theme.php file that enables command execution (system commands). Multiple sources (NVD, Red Hat, CNNVD, CVE lists, CIRCL) confirm the vulnerable component; CVSSv3.1 base score is 8.8 (High) with network attack vector, low complexity, and...

Command Execution Vulnerability in the Operation and Maintenance Security Management System of Beijing Shengbo Run High-Tech Co.

Beijing Shengbolun High-Tech Co., Ltd. is a high-tech enterprise focusing on network security technology research, product development and security services. A command execution vulnerability exists in the Operations and Maintenance Security Management System OMS of Beijing Saints Bright Hi-Tech...

Command Execution Vulnerability in Intelligent Park Integrated Management Platform of Zhejiang Dahua Technology Co.

Zhejiang Dahua Co., Ltd. is a leading supplier of surveillance products and solution service provider for the world to provide leading video storage, front-end, display control and intelligent transportation and other series of products, and provide to provide thermal imaging temperature...

Command Execution Vulnerability in Fangde Desktop Operating System of Zhongke Fangde Software Co.

Fangde desktop operating system is a domestic operating system, adapted to Haikuang, Zhaoxin, Feiteng, Longxin, Shenwei, Kunpeng and other domestic CPUs, supporting x86, ARM, MIPS and other mainstream architectures. A command execution vulnerability exists in the Fangde desktop operating system o...

Cisco Secure Firewall Management Center Command Execution Vulnerability

Cisco Secure Firewall Management Center is a powerful network security management tool from Cisco. A command execution vulnerability exists in Cisco Secure Firewall Management Center that stems from insufficient input validation of certain HTTP request parameters sent to the web management...

Cisco Secure Firewall Management Center 安全漏洞

Cisco Secure Firewall Management Center is a powerful network security management tool from Cisco. A command execution vulnerability exists in Cisco Secure Firewall Management Center that stems from insufficient input validation of certain HTTP request parameters sent to the web management...

KLA74117 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Parce...

Command Execution Vulnerability in ANYSEC Second Generation Firewall of Shenzhen Zhongke NetWizard Technology Co.

ANYSEC's second-generation firewall is a new generation of application security gateway products for comprehensive L2-L7 security in the mobile Internet era. Ltd. ANYSEC second generation firewall has a command execution vulnerability that can be exploited by attackers to gain control of the serv...

CVE-2024-46213

REDAXO CMS v2.11.0 was discovered to contain a remote code execution RCE vulnerability...

Adobe Animate Memory Misreference Vulnerability (CNVD-2024-41255)

Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. Adobe Animate memory misreference vulnerability can be exploited by an attacker to execute arbitrary code in the context of the current user...

Delta Electronics CNCSoft-G2 Out-of-Bounds Write Vulnerability

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. Delta Electronics CNCSoft-G2 suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute code in the context of the current process...

Adobe Substance 3D Stager Code Execution Vulnerability (CNVD-2024-40924)

Adobe Substance 3D Stager is a virtual 3D studio from the American company Audobee Adobe. A security vulnerability exists in Adobe Substance 3D Stager. An attacker could exploit the vulnerability to execute arbitrary code in the current user's environment...

Adobe Substance 3D Stager Code Execution Vulnerability (CNVD-2024-40923)

Adobe Substance 3D Stager is a virtual 3D studio from the American company Audobee Adobe. A security vulnerability exists in Adobe Substance 3D Stager that originates from a heap-based buffer overflow. An attacker could exploit the vulnerability to execute arbitrary code in the current user's...

Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Trimble SketchUp Viewer SKP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Siemens JT2Go Stack Buffer Overflow Vulnerability

JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML with available JT, VFZ, CGM and TIF data. Siemens JT2Go suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute code in the context of the current process...

CVE-2024-43608

Windows Routing and Remote Access Service RRAS Remote Code Execution Vulnerability...

CVE-2024-43574

Microsoft Speech Application Programming Interface SAPI Remote Code Execution Vulnerability...

CVE-2024-43497 DeepSpeed Remote Code Execution Vulnerability

...

CVE-2024-43543

CVE-2024-43543 is a Windows Mobile Broadband Driver Remote Code Execution vulnerability. The initial document states it affects Windows Mobile Broadband Driver and provides CVSS v3.1 metrics: AV/Physical, AC/Low, PR/None, UI/None, S/Unchanged; impacts Confidentiality, Integrity, Availability all ...