| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
| Windows DNS Server Remote Code Execution Vulnerability |
| Windows Text Shaping Remote Code Execution Vulnerability |
| Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability |
| Windows Hyper-V Remote Code Execution Vulnerability |
| HEVC Video Extensions Remote Code Execution Vulnerability |
| HEVC Video Extensions Remote Code Execution Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
| An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is authenticated remote code execution. |
| Gridpro Request Management for Windows Azure Pack before 2.0.7912 allows Directory Traversal for remote code execution, as demonstrated by ..\\ in a scriptName JSON value to ServiceManagerTenant/GetVisibilityMap. |
| Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection. |
| A Cross Site Scriptiong (XSS) vulnerability exists in the admin panel in Webuzo < 2.9.0 via an HTTP request to a non-existent page, which is activated by administrators viewing the "Error Log" page. An attacker can leverage this to achieve Unauthenticated Remote Code Execution via the "Cron Jobs" functionality of Webuzo. |
| Rittal CMC PU III Web management Version affected: V3.11.00_2. Version fixed: V3.17.10 is affected by a remote code execution vulnerablity. It is possible to introduce shell code to create a reverse shell in the PU-Hostname field of the TCP/IP Configuration dialog. Web application fails to sanitize user input on Network TCP/IP configuration page. This allows the attacker to inject commands as root on the device which will be executed once the data is received. |
| Bolt CMS <= 4.2 is vulnerable to Remote Code Execution. Unsafe theme rendering allows an authenticated attacker to edit theme to inject server-side template injection that leads to remote code execution. |
| PHPFusion 9.03.110 is affected by a remote code execution vulnerability. The theme function will extract a file to "webroot/themes/{Theme Folder], where an attacker can access and execute arbitrary code. |
| Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite. |
| Zoho ManageEngine Log360 before Build 5219 allows unrestricted file upload with resultant remote code execution. |
| A Remote Code Execution (RCE) vulnerability was discovered in the Any23 YAMLExtractor.java file and is known to affect Any23 versions < 2.5. RCE vulnerabilities allow a malicious actor to execute any code of their choice on a remote machine over LAN, WAN, or internet. RCE belongs to the broader class of arbitrary code execution (ACE) vulnerabilities. |
| An issue was discovered in Concrete CMS through 8.5.5. Fetching the update json scheme over HTTP leads to remote code execution. |
