VMware vCenter Server 代码注入漏洞

Vmware VMware vCenter Server is a suite of server and virtualization management software from Vmware, Inc. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructures. vCenter Server is vulnerable to ...

CVE-2021-32294

An issue was discovered in libgig through 20200507. A heap-buffer-overflow exists in the function RIFF::List::GetSubList located in RIFF.cpp. It allows an attacker to cause code Execution...

Microsoft Word Code Execution Vulnerability (CNVD-2025-17492)

Microsoft Word is a word processing software in the Office suite of the American Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute arbitrary code on a system...

Security Updates for Microsoft Office (September 2021) (macOS)

The Microsoft Office product installed on the remote host is affected by multiple vulnerabilities, as follows: - A spoofing vulnerability in Microsoft Office that can be exploited by a remote, low privileged attacker. CVE-2021-38650 - A remote code execution vulnerability in Microsoft Excel that...

Description of the security update for Excel 2013: September 14, 2021 (KB5002014)

Description of the security update for Excel 2013: September 14, 2021 KB5002014 Summary This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2021-38655. Note: To apply thi...

Microsoft Office Graphics Remote Code Execution Vulnerability

...

CVE-2021-33551

Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code...

CVE-2021-26608

An arbitrary file download and execution vulnerability was found in the HShell.dll of handysoft Co., Ltd groupware ActiveX module. This issue is due to missing support for integrity check of download URL or downloaded file hash...

CVE-2021-26608

The provided records describe CVE-2021-26608 as an arbitrary file download and execution vulnerability in Handysoft Co., Ltd groupware ActiveX module, specifically the HShell.dll. Root cause: lack of integrity checking for the download URL or the downloaded file hash. Impact stated as allows arbi...

PT-2021-17075 · Handysoft Co. · Handysoft Co.

Name of the Vulnerable Software and Affected Versions: handysoft Co., Ltd groupware affected versions not specified Description: The issue is related to an arbitrary file download and execution vulnerability found in the HShell.dll of handysoft Co., Ltd groupware ActiveX module. This vulnerabilit...

CVE-2021-21897

A code execution vulnerability exists in the DLDxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. A specially-crafted .dxf file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

Heap overflow

A code execution vulnerability exists in the DLDxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. A specially-crafted .dxf file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

Command Execution Vulnerability in NetGuard Security Management Platform of Beijing NetGuard Nebula Information Technology Co.

Beijing Nethub Information Technology Co., Ltd. was renamed from Lenovo Nethub Technology Beijing Co., Ltd. and its business covers network border security protection, application and data security protection, network-wide security risk management, professional security solutions and professional...

CVE-2020-35635

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in NefS2/SNCioparser.h SNCioparser::readsface storesmboundaryitem Sloopof OOB read. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead t...

CVE-2021-26084

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before...

(0Day) Fuji Electric Tellus Lite V9 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Exchange ProxyShell Remote Code Execution Exploit

This Metasploit module exploits a vulnerability on Microsoft Exchange Server that allows an attacker to bypass the authentication, impersonate an arbitrary user, and write an arbitrary file to achieve remote code execution. By taking advantage of this vulnerability, you can execute arbitrary...

Remote code execution

A remote code execution RCE vulnerability in /root/run/adm.php?admin-ediy&part=exdiy of imcat v5.1 allows authenticated attackers to execute arbitrary code...

Exploit for Server-Side Request Forgery in Microsoft

CVE-2021-34473 CVE-2021-34473 Microsoft Exchange Server Remote...

Microsoft Word Code Execution Vulnerability (CNVD-2025-17493)

Microsoft Word is a word processing software in the Office suite of the American Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute arbitrary code on a system...