
58 matches found

EUVD
added 2025/10/03 8:07 p.m., 2 views

EUVD-2025-9129

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 7.5 | EPSS 0.00364
Exploits: 0 | References: 4

AlpineLinux
added 2025/07/22 9:34 p.m., 11 views

CVE-2025-54072

yt-dlp is a feature-rich command-line audio/video downloader. In versions 2025.06.25 and below, when the --exec option is used on Windows with the default placeholder or , insufficient sanitization is applied to the expanded filepath, allowing for remote code execution. This is a bypass of the...

CVSS 8.1 | AI score 8.2 | EPSS 0.00562
Exploits: 0

CVE
added 2025/07/04 12:00 a.m., 25 views

CVE-2025-43711

Tunnelblick 3.5beta06 before 7.0 is vulnerable to arbitrary code execution as root on the next boot when a crafted Tunnelblick.app is dragged into /Applications, due to incomplete uninstallation. Affected: Tunnelblick versions 3.5beta06–7.0 (per conflicting sources). Remediation: upgrade to a new...

CVSS 8.1 | AI score 7.4 | EPSS 0.00153
Exploits: 0 | References: 2

OSV
added 2025/06/19 7:55 p.m., 13 views

GHSA-24WV-6C99-F843 Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution

Impact Using the /locales/locale.json with the locale and namespace query parameters, a malicious actor is able to execute arbitrary code, without being authenticated. With the ability to execute arbitrary code, this vulnerability can be exploited in an infinite number of ways. It could be used t...

CVSS 10 | AI score 7.7 | EPSS 0.13105
Exploits: 28 | References: 5

RedhatCVE
added 2025/05/23 4:24 a.m., 4 views

CVE-2023-43661

Cachet, the open-source status page system. Prior to the 2.4 branch, a template functionality which allows users to create templates allows them to execute any code on the server during the bad filtration and old twig version. Commit 6fb043e109d2a262ce3974e863c54e9e5f5e0587 of the 2.4 branch...

CVSS 9.1 | AI score 7.2 | EPSS 0.46904
Exploits: 1

RedhatCVE
added 2025/05/23 4:04 a.m., 10 views

CVE-2023-37473

zenstruck/collections is a set of helpers for iterating/paginating/filtering collections. Passing callable strings ie system caused the function to be executed. This would result in a limited subset of specific user input being executed as if it were code. This issue has been addressed in commit...

CVSS 8.8 | AI score 6.7 | EPSS 0.00754
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 3:59 a.m., 6 views

CVE-2023-35839

A bypass in the component sofa-hessian of Solon before v2.3.3 allows attackers to execute arbitrary code via providing crafted payload...

CVSS 9.8 | AI score 7.8 | EPSS 0.01075
Exploits: 1

RedhatCVE
added 2025/05/23 1:43 a.m., 8 views

CVE-2023-43364

main.py in Searchor before 2.4.2 uses eval on CLI input, which may cause unexpected code execution...

CVSS 9.8 | AI score 7 | EPSS 0.02565
Exploits: 3 | References: 1

RedhatCVE
added 2025/05/22 7:50 p.m., 5 views

CVE-2021-34182

An issue in ttyd v.1.6.3 allows attacker to execute arbitrary code via default configuration permissions...

CVSS 9.8 | AI score 7.7 | EPSS 0.00865
Exploits: 1

RedhatCVE
added 2025/05/22 7:35 p.m., 5 views

CVE-2021-29369

The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands...

CVSS 9.8 | AI score 7.4 | EPSS 0.01776
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 4:54 p.m., 8 views

CVE-2020-9580

Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution...

CVSS 9.8 | AI score 7.3 | EPSS 0.05038
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 3:31 a.m., 7 views

CVE-2013-0685

Invensys Wonderware Information Server WIS 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal does not restrict unspecified size and amount values, which allows remote attackers to execute arbitrary code or cause a denial of service resource consumption via unknown vectors...

CVSS 9.3 | AI score 8.2 | EPSS 0.03287
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/15 5:14 p.m., 11 views

CVE-2025-30379

Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVSS 7.8 | AI score 7.6 | EPSS 0.00464
Exploits: 0 | References: 3

CVE
added 2025/04/08 5:23 p.m., 106 views

CVE-2025-29823

The CVE-2025-29823 entry describes a use-after-free vulnerability in Microsoft Excel (part of Microsoft Office) that enables local arbitrary code execution. The initial description states an unauthorized attacker could execute code locally due to the flaw. Connected documents corroborate exposure...

CVSS 7.8 | AI score 7.8 | EPSS 0.0062
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2025/02/11 4:09 p.m., 52 views

CVE-2024-27781

CVE-2024-27781 is an XSS vulnerability in Fortinet FortiSandbox products due to improper neutralization of input during web page generation. The issue affects FortiSandbox versions 3.0.0–3.2.x, 4.0.0–4.0.4, 4.2.0–4.2.6, and 4.4.0–4.4.4, allowing an authenticated attacker to execute unauthorized c...

CVSS 9 | AI score 6.7 | EPSS 0.22004
Exploits: 0 | References: 1 | Affected Software: 1

OSV
added 2024/06/04 3:19 p.m., 22 views

GO-2024-2763 Heketi Arbitrary Code Execution in github.com/heketi/heketi

Heketi Arbitrary Code Execution in github.com/heketi/heketi...

CVSS 9 | AI score 8.7 | EPSS 0.05495
Exploits: 0 | References: 7

OSV
added 2024/06/04 9:39 a.m., 27 views

BIT-DOTNET-2024-21409 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability...

CVSS 7.3 | AI score 7.4 | EPSS 0.02513
Exploits: 0 | References: 3

Microsoft CVE
added 2024/05/14 7:00 a.m., 70 views

GitHub: CVE-2024-32004 Remote Code Execution while cloning special-crafted local repositories

...

CVSS 8.1 | AI score 8.2 | EPSS 0.01271
Exploits: 0

NVD
added 2024/04/02 7:15 a.m., 22 views

CVE-2024-24581

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution through out-of-bounds write...

CVSS 7.8 | AI score 6.8 | EPSS 0.00182
Exploits: 0 | References: 1

OSV
added 2024/04/01 7:50 p.m., 6 views

MGASA-2024-0106 Updated unixODBC packages fix security vulnerability

It was discovered that unixODBC incorrectly handled certain bytes. An attacker could use this issue to execute arbitrary code or cause a crash...

CVSS 7.8 | AI score 7.7 | EPSS 0.00284
Exploits: 0 | References: 3