Export limit exceeded: 348303 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10627 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10249 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-22785 | 1 Hp | 2 Arubaos, Instantos | 2025-01-31 | 9.8 Critical |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-22784 | 1 Hp | 2 Arubaos, Instantos | 2025-01-31 | 9.8 Critical |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-22783 | 1 Hp | 2 Arubaos, Instantos | 2025-01-31 | 9.8 Critical |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2024-45824 | 1 Rockwellautomation | 1 Factorytalk View | 2025-01-31 | 9.8 Critical |
| CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The vulnerability occurs when chained with Path Traversal, Command Injection, and XSS Vulnerabilities and allows for full unauthenticated remote code execution. The link in the mitigations section below contains patches to fix this issue. | ||||
| CVE-2023-27972 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2025-01-30 | 9.8 Critical |
| Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution. | ||||
| CVE-2023-27973 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2025-01-30 | 9.8 Critical |
| Certain HP LaserJet Pro print products are potentially vulnerable to Heap Overflow and/or Remote Code Execution. | ||||
| CVE-2023-30854 | 1 Wwbn | 1 Avideo | 2025-01-30 | 8.8 High |
| AVideo is an open source video platform. Prior to version 12.4, an OS Command Injection vulnerability in an authenticated endpoint `/plugin/CloneSite/cloneClient.json.php` allows attackers to achieve Remote Code Execution. This issue is fixed in version 12.4. | ||||
| CVE-2023-39469 | 1 Papercut | 2 Papercut Mf, Papercut Ng | 2025-01-30 | 7.2 High |
| PaperCut NG External User Lookup Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability. The specific flaw exists within the External User Lookup functionality. The issue results from the lack of proper validation of a user-supplied string before using it to execute Java code. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21013. | ||||
| CVE-2024-25995 | 1 Phoenixcontact | 12 Charx Sec-3000, Charx Sec-3000 Firmware, Charx Sec-3050 and 9 more | 2025-01-30 | 9.8 Critical |
| An unauthenticated remote attacker can modify configurations to perform a remote code execution, gain root rights or perform an DoS due to improper input validation. | ||||
| CVE-2023-29963 | 1 S-cms | 1 S-cms | 2025-01-29 | 7.2 High |
| S-CMS v5.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the component /admin/ajax.php. | ||||
| CVE-2023-31099 | 1 Zohocorp | 1 Manageengine Opmanager | 2025-01-29 | 8.8 High |
| Zoho ManageEngine OPManager through 126323 allows an authenticated user to achieve remote code execution via probe servers. | ||||
| CVE-2023-30065 | 1 Mitrastar | 2 Gpt-2741gnac-n2, Gpt-2741gnac-n2 Firmware | 2025-01-29 | 8.8 High |
| MitraStar GPT-2741GNAC-N2 with firmware BR_g5.9_1.11(WVK.0)b32 was discovered to contain a remote code execution (RCE) vulnerability in the ping function. | ||||
| CVE-2023-24958 | 1 Ibm | 6 3948-ved, 3948-ved Firmware, 3957-vec and 3 more | 2025-01-29 | 8.8 High |
| A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52.200.111, 8.52.102.13, and 8.53.0.63 could allow an authenticated user to submit a specially crafted URL leading to privilege escalation and remote code execution. IBM X-Force ID: 246320. | ||||
| CVE-2023-22780 | 1 Hp | 2 Arubaos, Instantos | 2025-01-29 | 9.8 Critical |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-22779 | 1 Hp | 2 Arubaos, Instantos | 2025-01-29 | 9.8 Critical |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2022-36330 | 1 Westerndigital | 6 My Cloud Home, My Cloud Home Duo, My Cloud Home Duo Firmware and 3 more | 2025-01-28 | 1.9 Low |
| A buffer overflow vulnerability was discovered on firmware version validation that could lead to an unauthenticated remote code execution in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices. An attacker would require exploitation of another vulnerability to raise their privileges in order to exploit this buffer overflow vulnerability. This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191. | ||||
| CVE-2023-31587 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2025-01-27 | 9.8 Critical |
| Tenda AC5 router V15.03.06.28 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac. | ||||
| CVE-2023-30353 | 1 Tenda | 2 Cp3, Cp3 Firmware | 2025-01-27 | 9.8 Critical |
| Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document. | ||||
| CVE-2023-32336 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2025-01-27 | 8.8 High |
| IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an RMI service. IBM X-Force ID: 255285. | ||||
| CVE-2023-31502 | 1 Apsystems | 3 Alternergy Power Control Software, Ecu-c, Ecu-r | 2025-01-27 | 7.2 High |
| Altenergy Power Control Software C1.2.5 was discovered to contain a remote code execution (RCE) vulnerability via the component /models/management_model.php. | ||||