CVE-2024-44570

RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the getParams function in phpinf.php...

Apache OFBiz Code Execution Vulnerability (CNVD-2024-39150)

Apache OFBiz is the United States Apache Apache Foundation of a set of enterprise resource planning ERP system. The system provides a set of Java-based Web application components and tools. A code execution vulnerability exists in Apache OFBiz, which can be exploited by an attacker to execute...

Code execution vulnerability in multiple Mozilla products (CNVD-2024-40521)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products due to...

CVE-2024-38386

in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write...

PT-2025-25437 · Xwiki · Xwiki

Name of the Vulnerable Software and Affected Versions: XWiki versions before 15.10.16 XWiki versions 16.0.0-rc-1 through 16.4.6 XWiki versions 16.5.0-rc-1 through 16.10.1 Description: The issue concerns XWiki, a generic wiki platform. In affected versions, an attacker without script or programmin...

CVE-2024-43922

Improper Control of Generation of Code 'Code Injection' vulnerability in NitroPack Inc. NitroPack allows Code Injection.This issue affects NitroPack: from n/a through 1.16.7...

Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of getLinkText method. The issue results from the lack of proper validation of a...

CVE-2024-43882

creationtimestamp| type| source ---|---|--- 2024-08-21 04:00:28+00:00| seen| https://t.me/cvedetector/3706 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07...

CVE-2024-30949

An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...

Adobe Bridge out-of-bounds write vulnerability (CNVD-2024-35983)

Adobe Bridge is a file viewer from the American company Audobee Adobe. Adobe Bridge suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

PT-2025-28261 · Invt · Invt Vt-Designer

Name of the Vulnerable Software and Affected Versions: INVT VT-Designer affected versions not specified Description: The issue is related to a remote code execution vulnerability due to out-of-bounds write when parsing PM3 files. There is no information provided about the estimated number of...

CVE-2024-38170

Microsoft Excel Remote Code Execution Vulnerability...

PT-2024-28926 · Unknown · Best House Rental Management System

Name of the Vulnerable Software and Affected Versions: Best House Rental Management System version 1.0 Description: The issue allows a remote attacker to execute arbitrary code via the House No and Description parameters in the houses page at the "index.php" component. This enables the attacker t...

SolarWinds Access Rights Manager createGlobalServerChannelInternal Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the createGlobalServerChannelInternal method. The issue results from th...

PT-2024-23965

Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description The issue is related to unsafe deserialization in multiple functions of ZygoteProcess.java, allowing code execution as any app via WRITE SECURE SETTINGS. This could lead to local escalation o...

CVE-2024-39017

agreejs shared v0.0.1 was discovered to contain a prototype pollution via the function mergeInternalComponents. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

CVE-2024-38992

airvertco frappejs v0.0.11 was discovered to contain a prototype pollution via the function registerView. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

TOTOLINK A6000R Code Execution Vulnerability

TOTOLINK A6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A6000R suffers from a code execution vulnerability that originates from allowing a remote attacker to execute arbitrary code via the iface parameter in the vifenable function. No details of the vulnerability...

Microsoft Office Remote Code Execution Vulnerability (CNVD-2024-28624)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A remote code execution vulnerability exists in Microsoft Office. An attacker can exploit this vulnerabilit...

PT-2024-24202 · Unknown · Open Eclass

Name of the Vulnerable Software and Affected Versions: openclass versions 3.15 and earlier Description: The issue allows an attacker to execute arbitrary code via a crafted file to the "certbadge.php" endpoint. This enables the attacker to potentially gain control over the system. Recommendations...