CVE Daily
← All tags

Tag: Remote Code Execution

All CVEs associated with "Remote Code Execution". Page 345/345 • 41309 CVEs.

Subscribe CVEs: RSS for “Remote Code Execution”  ·  RSS (High+Critical only)

About “Remote Code Execution”

A curated feed of “Remote Code Execution”-related CVEs appears below. We currently track 41309 CVEs for this tag (all time). In the last 365 days, 4654 were published. Average CVSS is 8.3 (all time; 8.2 over 365d), and 86% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-94 - Improper Control of Generation of Code ('Code Injection'), CWE-434 - Unrestricted Upload of File with Dangerous Type, CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

In our taxonomy this topic maps to a VERY HIGH impact class. Common exploitation patterns for this weakness can lead to very high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2001-05-29
High

CVE-2001-1326

Eudora 5.1 allows remote attackers to execute arbitrary code when the "Use Microsoft Viewer" option is enabled and the "allow executables in HTML content" option is disabled, via an HTML email with a…

CVSS: 7.5 CWE: N/A View on NVD
2001-05-22
High

CVE-2001-0551

Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by copying text from the clipboard into the Help window.

CVSS: 7.2 CWE: N/A View on NVD
2001-05-16
High

CVE-2001-1323

Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via base-64 encoded data, which is not properly han…

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2001-05-10
High

CVE-2001-1332

Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2001-03-13
High

CVE-2001-1230

Buffer overflows in Icecast before 1.3.10 allow remote attackers to cause a denial of service (crash) and execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2001-03-12
High

CVE-2001-0127

Buffer overflow in Olivier Debon Flash plugin (not the Macromedia plugin) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long DefineSound tag.

CVSS: 7.6 CWE: N/A View on NVD
High

CVE-2001-1229

Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to cause a denial of service (crash) and execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2001-02-12
Critical

CVE-2000-0895

Buffer overflow in HTTP server on the WatchGuard SOHO firewall allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long GET request.

CVSS: 10.0 CWE: N/A View on NVD
2001-02-09
High

CVE-2001-1453

Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2001-1454

Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request.

CVSS: 7.5 CWE: N/A View on NVD
2000-12-11
Medium

CVE-2000-1031

Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option.

CVSS: 4.6 CWE: N/A View on NVD
Critical

CVE-2000-1046

Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via long (1) "RCPT TO," (2) "…

CVSS: 10.0 CWE: N/A View on NVD
2000-10-20
High

CVE-2000-0741

Format string vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary code via format strings in a URL with a .XUDA extension.

CVSS: 7.5 CWE: N/A View on NVD
2000-01-01
High

CVE-1999-0964

Buffer overflow in FreeBSD setlocale in the libc module allows attackers to execute arbitrary code via a long PATH_LOCALE environment variable.

CVSS: 7.2 CWE: N/A View on NVD
1999-12-31
Critical

CVE-1999-1588

Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka Sys…

CVSS: 9.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
1999-11-08
Critical

CVE-2001-0679

A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote attacker to execute arbitrary code by sending a long HELO command to the server.

CVSS: 10.0 CWE: N/A View on NVD
1999-11-07
High

CVE-1999-1529

A buffer overflow exists in the HELO command in Trend Micro Interscan VirusWall SMTP gateway 3.23/3.3 for NT, which may allow an attacker to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
1999-11-02
High

CVE-1999-1531

Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag.

CVSS: 7.5 CWE: N/A View on NVD
1999-09-30
High

CVE-1999-1583

Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument.

CVSS: 7.2 CWE: N/A View on NVD
1999-09-27
High

CVE-1999-1576

Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, PDF.PdfCtrl.1) 1.3.188 for Acrobat Reader 4.0 allows remote attackers to execute arbitrary code via the pdf.setview method.

CVSS: 7.5 CWE: N/A View on NVD
1999-09-12
Critical

CVE-1999-1521

Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to a buffer overflow attack in the MAIL FROM command that may allow a remote attacker to execute arbitrary code on the server.

CVSS: 10.0 CWE: N/A View on NVD
1999-09-02
High

CVE-1999-1516

A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows an attacker to crash the mail server and possibly execute arbitrary code by offering more than 128 bytes in a MAIL FROM string.

CVSS: 7.5 CWE: N/A View on NVD
1999-08-05
Medium

CVE-1999-0719

The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code.

CVSS: 4.6 CWE: N/A View on NVD
1998-07-06
High

CVE-1999-1574

Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow attackers to cause a core dump and possibly execute arbitrary code via "long input strings."

CVSS: 7.5 CWE: N/A View on NVD
1997-07-08
Medium

CVE-1999-0196

websendmail in Webgais 1.0 allows a remote user to access arbitrary files and execute arbitrary code via the receiver parameter ($VAR_receiver variable).

CVSS: 5.0 CWE: N/A View on NVD
1997-06-19
Medium

CVE-1999-1483

Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local users to execute arbitrary code via a long HOME environment variable.

CVSS: 4.6 CWE: N/A View on NVD
1997-01-01
High

CVE-1999-0178

Buffer overflow in the win-c-sample program (win-c-sample.exe) in the WebSite web server 1.1e allows remote attackers to execute arbitrary code via a long query string.

CVSS: 7.5 CWE: N/A View on NVD
1996-10-25
High

CVE-1999-0032

Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option.

CVSS: 7.2 CWE: N/A View on NVD
1996-08-21
High

CVE-1999-0085

Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname.

CVSS: 7.5 CWE: N/A View on NVD