CVE-2013-5327

MDBMS.dll in Adobe RoboHelp 10 allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors...

CVE-2005-3332

PHP remote file include vulnerability in admin/define.inc.php in Belchior Foundry vCard 2.9 allows remote attackers to execute arbitrary PHP code via the match parameter...

CVE-2009-2371

Advanced Forum 6.x before 6.x-1.1, a module for Drupal, does not prevent users from modifying user signatures after the associated comment format has been changed to an administrator-controlled input format, which allows remote authenticated users to inject arbitrary web script, HTML, and possibl...

CVE-2005-2691

includes/common.php in RunCMS 1.2 and earlier calls the extract function with EXTROVERWRITE on HTTP POST variables, which allows remote attackers to overwrite arbitrary variables, possibly allowing execution of arbitrary code...

Microsoft Excel Code Execution Vulnerability (CNVD-2025-10455)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Excel Code Execution Vulnerability (CNVD-2025-10454)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on the system...

Microsoft Excel Code Execution Vulnerability (CNVD-2025-10452)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Office Code Execution Vulnerability (CNVD-2025-10612)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...

Adobe Animate Out-of-Bounds Write Vulnerability (CNVD-2025-10667)

Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. Adobe Animate suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code...

CVE-2025-4866

A vulnerability was found in weibocom rill-flow 0.1.18. It has been classified as critical. Affected is an unknown function of the component Management Console. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and...

CVE-2025-4866 weibocom rill-flow Management Console code injection

A vulnerability was found in weibocom rill-flow 0.1.18. It has been classified as critical. Affected is an unknown function of the component Management Console. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and...

CVE-2025-4767 defog-ai introspect Test Endpoint integration_routes.py test_custom_tool code injection

A vulnerability was found in defog-ai introspect up to 0.1.4. It has been rated as critical. Affected by this issue is the function testcustomtool of the file introspect/backend/integrationroutes.py of the component Test Endpoint. The manipulation of the argument inputmodel leads to code injectio...

CVE-2025-48175

creationtimestamp| type| source ---|---|--- 2025-05-16 05:34:35+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16628 2025-08-17 20:17:34+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lwmpc3422c2w...

CVE-2025-30379

Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVE-2025-24022 iTop server vulnerable to portal code injection

iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, server code execution is possible through the frontend of iTop's portal. This is fixed in versions 2.7.12, 3.1.3 and 3.2.1...

CVE-2025-43569

Substance3D - Stager versions 3.1.1 and earlier have an out-of-bounds write vulnerability (CWE-787) that could allow arbitrary code execution in the current user context. Exploitation requires user interaction (victim opens a malicious file). Affected product/versions are confirmed across CVE ent...

CVE-2025-43570 Substance3D - Stager | Use After Free (CWE-416)

Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-30324

Photoshop Desktop versions 26.5, 25.12.2 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2024-35281

An improper isolation or compartmentalization vulnerability CWE-653 in FortiClientMac version 7.4.2 and below, version 7.2.8 and below, 7.0 all versions and FortiVoiceUCDesktop 3.0 all versions desktop application may allow an authenticated attacker to inject code via Electron environment variabl...

CVE-2024-35281

An improper isolation or compartmentalization vulnerability CWE-653 in FortiClientMac version 7.4.2 and below, version 7.2.8 and below, 7.0 all versions and FortiVoiceUCDesktop 3.0 all versions desktop application may allow an authenticated attacker to inject code via Electron environment variabl...