CVE Daily
← All tags

Tag: Remote Code Execution

All CVEs associated with "Remote Code Execution". Page 80/346 • 41421 CVEs.

Subscribe CVEs: RSS for “Remote Code Execution”  ·  RSS (High+Critical only)

About “Remote Code Execution”

A curated feed of “Remote Code Execution”-related CVEs appears below. We currently track 41421 CVEs for this tag (all time). In the last 365 days, 4753 were published. Average CVSS is 8.3 (all time; 8.2 over 365d), and 86% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-94 - Improper Control of Generation of Code ('Code Injection'), CWE-434 - Unrestricted Upload of File with Dangerous Type, CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

In our taxonomy this topic maps to a VERY HIGH impact class. Common exploitation patterns for this weakness can lead to very high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2024-04-11
High

CVE-2023-5394

Server receiving a malformed message that where the GCL message hostname may be too large which may cause a stack overflow; resulting in possible remote code execution. Honeywell recommends updating…

CVSS: 7.4 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-5393

Server receiving a malformed message that causes a disconnect to a hostname may causing a stack overflow resulting in possible remote code execution. Honeywell recommends updating to the most recent…

CVSS: 7.4 CWE: CWE-130 - Improper Handling of Length Parameter Inconsistency View on NVD
High

CVE-2024-30273

Illustrator versions 28.3, 27.9.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitatio…

CVSS: 7.8 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2024-30272

Illustrator versions 28.3, 27.9.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of th…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-30271

Illustrator versions 28.3, 27.9.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of th…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-20795

Animate versions 23.0.4, 24.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitat…

CVSS: 7.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
High

CVE-2024-29399

An issue was discovered in GNU Savane v.3.13 and before, allows a remote attacker to execute arbitrary code and escalate privileges via a crafted file to the upload.php component.

CVSS: 7.6 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
Medium

CVE-2024-30885

Reflected Cross-Site Scripting (XSS) vulnerability in HadSky v7.6.3, allows remote attackers to execute arbitrary code and obtain sensitive information via the chklogin.php component .

CVSS: 6.1 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
High

CVE-2024-30884

Reflected Cross-Site Scripting (XSS) vulnerability in Discuz! version X3.4 20220811, allows remote attackers to execute arbitrary code and obtain sensitive information via crafted payload to the prim…

CVSS: 7.1 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
Critical

CVE-2024-21508

Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values.

CVSS: 9.8 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
Medium

CVE-2024-2742

Operating system command injection vulnerability in Planet IGS-4215-16T2S, affecting firmware version 1.305b210528. An authenticated attacker could execute arbitrary code on the remote host by exploi…

CVSS: 6.4 CWE: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') View on NVD
Critical

CVE-2024-29937

NFS in a BSD derived codebase, as used in OpenBSD through 7.4 and FreeBSD through 14.0-RELEASE, allows remote attackers to execute arbitrary code via a bug that is unrelated to memory corruption.

CVSS: 9.8 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
2024-04-10
Critical

CVE-2024-31997

XWiki Platform is a generic wiki platform. Prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, parameters of UI extensions are always interpreted as Velocity code and executed with programming rights.…

CVSS: 9.9 CWE: CWE-862 - Missing Authorization View on NVD
Critical

CVE-2024-31996

XWiki Platform is a generic wiki platform. Starting in version 3.0.1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, the HTML escaping of escaping tool that is used in XWiki doesn't escape `{`…

CVSS: 10.0 CWE: CWE-95 - Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') View on NVD
Critical

CVE-2024-31988

XWiki Platform is a generic wiki platform. Starting in version 13.9-rc-1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, when the realtime editor is installed in XWiki, it allows arbitrary rem…

CVSS: 9.6 CWE: CWE-352 - Cross-Site Request Forgery (CSRF) View on NVD
Critical

CVE-2024-31987

XWiki Platform is a generic wiki platform. Starting in version 6.4-milestone-1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, any user who can edit any page like their profile can create a cu…

CVSS: 9.9 CWE: CWE-862 - Missing Authorization View on NVD
Critical

CVE-2024-31986

XWiki Platform is a generic wiki platform. Starting in version 3.1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, by creating a document with a special crafted documented reference and an `XW…

CVSS: 9.0 CWE: CWE-95 - Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') View on NVD
Critical

CVE-2024-31984

XWiki Platform is a generic wiki platform. Starting in version 7.2-rc-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, by creating a document with a specially crafted title, it is possible to…

CVSS: 9.9 CWE: CWE-95 - Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') View on NVD
Critical

CVE-2024-31983

XWiki Platform is a generic wiki platform. In multilingual wikis, translations can be edited by any user who has edit right, circumventing the rights that are normally required for authoring translat…

CVSS: 9.9 CWE: CWE-862 - Missing Authorization View on NVD
Critical

CVE-2024-31982

XWiki Platform is a generic wiki platform. Starting in version 2.4-milestone-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, XWiki's database search allows remote code execution through the…

CVSS: 10.0 CWE: CWE-95 - Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') View on NVD
Critical

CVE-2024-31981

XWiki Platform is a generic wiki platform. Starting in version 3.0.1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, remote code execution is possible via PDF export templates. This vulnerabil…

CVSS: 9.9 CWE: CWE-862 - Missing Authorization View on NVD
Critical

CVE-2024-31819

An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.

CVSS: 9.8 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
Critical

CVE-2024-29500

An issue in the kiosk mode of Secure Lockdown Multi Application Edition v2.00.219 allows attackers to execute arbitrary code via running a ClickOnce application instance.

CVSS: 9.8 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
Critical

CVE-2024-31214

Traccar is an open source GPS tracking system. Traccar versions 5.1 through 5.12 allow arbitrary files to be uploaded through the device image upload API. Attackers have full control over the file co…

CVSS: 9.6 CWE: CWE-434 - Unrestricted Upload of File with Dangerous Type View on NVD
Critical

CVE-2024-3568

The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data within the `load_repo_checkpoint()` function of the `TFPreTrainedModel()` clas…

CVSS: 9.6 CWE: CWE-502 - Deserialization of Untrusted Data View on NVD
Critical

CVE-2024-3098

A vulnerability was identified in the `exec_utils` class of the `llama_index` package, specifically within the `safe_eval` function, allowing for prompt injection leading to arbitrary code execution.…

CVSS: 9.8 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
Critical

CVE-2024-2952

BerriAI/litellm is vulnerable to Server-Side Template Injection (SSTI) via the `/completions` endpoint. The vulnerability arises from the `hf_chat_template` method processing the `chat_template` para…

CVSS: 9.8 CWE: CWE-76 - Improper Neutralization of Equivalent Special Elements View on NVD
Critical

CVE-2024-2221

qdrant/qdrant is vulnerable to a path traversal and arbitrary file upload vulnerability via the `/collections/{COLLECTION}/snapshots/upload` endpoint, specifically through the `snapshot` parameter. T…

CVSS: 9.8 CWE: CWE-434 - Unrestricted Upload of File with Dangerous Type View on NVD
Critical

CVE-2024-2195

A critical Remote Code Execution (RCE) vulnerability was identified in the aimhubio/aim project, specifically within the `/api/runs/search/run/` endpoint, affecting versions >= 3.0.0. The vulnerabili…

CVSS: 9.8 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
High

CVE-2024-1728

gradio-app/gradio is vulnerable to a local file inclusion vulnerability due to improper validation of user-supplied input in the UploadButton component. Attackers can exploit this vulnerability to re…

CVSS: 7.5 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD
Medium

CVE-2024-1602

parisneo/lollms-webui is vulnerable to stored Cross-Site Scripting (XSS) that leads to Remote Code Execution (RCE). The vulnerability arises due to inadequate sanitization and validation of model out…

CVSS: 6.1 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
High

CVE-2024-31492

An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or…

CVSS: 8.2 CWE: CWE-73 - External Control of File Name or Path View on NVD
High

CVE-2024-20772

Media Encoder versions 24.2.1, 23.6.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploit…

CVSS: 7.8 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
Critical

CVE-2024-20758

Adobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution on the underlyin…

CVSS: 9.0 CWE: CWE-20 - Improper Input Validation View on NVD
Critical

CVE-2024-3120

A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size…

CVSS: 9.0 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2024-3119

A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sip_get_callid and sip_get_xcallid in s…

CVSS: 9.0 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2024-04-09
High

CVE-2024-3446

A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues.…

CVSS: 8.2 CWE: CWE-415 - Double Free View on NVD
Medium

CVE-2024-3214

The Relevanssi – A Better Search plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to embed untrus…

CVSS: 5.8 CWE: CWE-1236 - Improper Neutralization of Formula Elements in a CSV File View on NVD
Critical

CVE-2024-3136

The MasterStudy LMS plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.3 via the 'template' parameter. This makes it possible for unauthenticated att…

CVSS: 9.8 CWE: CWE-98 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') View on NVD
High

CVE-2024-25115

RedisBloom adds a set of probabilistic data structures to Redis. Starting in version 2.0.0 and prior to version 2.4.7 and 2.6.10, specially crafted `CF.LOADCHUNK` commands may be used by authenticate…

CVSS: 7.0 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2024-29985

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-29984

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-29983

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-29982

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-29066

Windows Distributed File System (DFS) Remote Code Execution Vulnerability

CVSS: 7.2 CWE: CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition View on NVD
High

CVE-2024-29053

Microsoft Defender for IoT Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-36 - Absolute Path Traversal View on NVD
High

CVE-2024-29050

Windows Cryptographic Services Remote Code Execution Vulnerability

CVSS: 8.4 CWE: CWE-197 - Numeric Truncation Error View on NVD
High

CVE-2024-29048

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-29047

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-29046

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-29045

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 7.5 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2024-29044

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-29043

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-28945

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-191 - Integer Underflow (Wrap or Wraparound) View on NVD
High

CVE-2024-28944

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-197 - Numeric Truncation Error View on NVD
High

CVE-2024-28943

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-28942

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
High

CVE-2024-28941

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-28940

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-28939

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-209 - Generation of Error Message Containing Sensitive Information View on NVD
High

CVE-2024-28938

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-125 - Out-of-bounds Read View on NVD
High

CVE-2024-28937

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-28936

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
High

CVE-2024-28935

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-28934

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2024-28933

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-191 - Integer Underflow (Wrap or Wraparound) View on NVD
High

CVE-2024-28932

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-28931

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
High

CVE-2024-28930

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-191 - Integer Underflow (Wrap or Wraparound) View on NVD
High

CVE-2024-28929

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
High

CVE-2024-28927

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-28926

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-28915

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-28914

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-28913

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-28912

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-28911

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-28910

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-28909

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-28908

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-28906

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-26257

Microsoft Excel Remote Code Execution Vulnerability

CVSS: 7.8 CWE: CWE-415 - Double Free View on NVD
High

CVE-2024-26256

Libarchive Remote Code Execution Vulnerability

CVSS: 7.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
Medium

CVE-2024-26253

Windows rndismp6.sys Remote Code Execution Vulnerability

CVSS: 6.8 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2024-26252

Windows rndismp6.sys Remote Code Execution Vulnerability

CVSS: 6.8 CWE: CWE-822 - Untrusted Pointer Dereference View on NVD
High

CVE-2024-26244

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-191 - Integer Underflow (Wrap or Wraparound) View on NVD
High

CVE-2024-26233

Windows DNS Server Remote Code Execution Vulnerability

CVSS: 7.2 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-26232

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

CVSS: 7.3 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
High

CVE-2024-26231

Windows DNS Server Remote Code Execution Vulnerability

CVSS: 7.2 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-26227

Windows DNS Server Remote Code Execution Vulnerability

CVSS: 7.2 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-26224

Windows DNS Server Remote Code Execution Vulnerability

CVSS: 7.2 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-26223

Windows DNS Server Remote Code Execution Vulnerability

CVSS: 7.2 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-26222

Windows DNS Server Remote Code Execution Vulnerability

CVSS: 7.2 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-26221

Windows DNS Server Remote Code Execution Vulnerability

CVSS: 7.2 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-26214

Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-26210

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-26208

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

CVSS: 7.2 CWE: CWE-191 - Integer Underflow (Wrap or Wraparound) View on NVD
High

CVE-2024-26205

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-26202

DHCP Server Service Remote Code Execution Vulnerability

CVSS: 7.2 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-26200

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-26195

DHCP Server Service Remote Code Execution Vulnerability

CVSS: 7.2 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
Medium

CVE-2024-26193

Azure Migrate Remote Code Execution Vulnerability

CVSS: 6.4 CWE: CWE-285 - Improper Authorization View on NVD
High

CVE-2024-26179

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-21409

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

CVSS: 7.3 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-21323

Microsoft Defender for IoT Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-36 - Absolute Path Traversal View on NVD
High

CVE-2024-21322

Microsoft Defender for IoT Remote Code Execution Vulnerability

CVSS: 7.2 CWE: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection') View on NVD
High

CVE-2024-20678

Remote Procedure Call Runtime Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
High

CVE-2023-49913

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A spe…

CVSS: 7.2 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2023-49912

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A spe…

CVSS: 7.2 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2023-49911

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A spe…

CVSS: 7.2 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2023-49910

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A spe…

CVSS: 7.2 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2023-49909

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A spe…

CVSS: 7.2 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2023-49908

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A spe…

CVSS: 7.2 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2023-49907

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A spe…

CVSS: 7.2 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2023-49906

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A spe…

CVSS: 7.2 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
Medium

CVE-2023-48784

A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.1 and below, version 7.2.7 and below, 7.0 all versions, 6.4 all versions command line interface may allow a…

CVSS: 6.7 CWE: CWE-134 - Use of Externally-Controlled Format String View on NVD
High

CVE-2024-2224

Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on v…

CVSS: 8.1 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD
2024-04-08
Medium

CVE-2024-0083

NVIDIA ChatRTX for Windows contains a vulnerability in the UI, where an attacker can cause a cross-site scripting error by network by running malicious scripts in users' browsers. A successful exploi…

CVSS: 6.5 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
Critical

CVE-2024-31224

GPT Academic provides interactive interfaces for large language models. A vulnerability was found in gpt_academic versions 3.64 through 3.73. The server deserializes untrustworthy data from the clien…

CVSS: 9.8 CWE: CWE-502 - Deserialization of Untrusted Data View on NVD
High

CVE-2024-31811

TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the langType parameter in the setLanguageCfg function.

CVSS: 8.0 CWE: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection') View on NVD