Export limit exceeded: 359576 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10537 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10537 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-37052 | 1 Ubiquiti | 1 Aircontrol | 2026-04-15 | 9.8 Critical |
| AirControl 1.4.2 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through malicious Java expression injection. Attackers can exploit the /.seam endpoint by crafting a specially constructed URL with embedded Java expressions to run commands with the application's system privileges. | ||||
| CVE-2024-27177 | 1 Toshibatec | 50 E-studio-2010-ac, E-studio-2015-nc, E-studio-2018 A and 47 more | 2026-04-15 | 7.2 High |
| An attacker can get Remote Code Execution by overwriting files. Overwriting files is enable by falsifying package name variable. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the "Base Score" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point. https://www.toshibatec.com/contacts/products/ As for the affected products/models/versions, see the reference URL. | ||||
| CVE-2025-62381 | 1 Sveltekit-superforms | 1 Sveltekit-superforms | 2026-04-15 | N/A |
| sveltekit-superforms makes SvelteKit forms a pleasure to use. sveltekit-superforms v2.27.3 and prior are susceptible to a prototype pollution vulnerability within the parseFormData function of formData.js. An attacker can inject string and array properties into Object.prototype, leading to denial of service, type confusion, and potential remote code execution in downstream applications that rely on polluted objects. This vulnerability is fixed in 2.27.4. | ||||
| CVE-2024-5826 | 1 Vanna-ai | 1 Vanna | 2026-04-15 | N/A |
| In the latest version of vanna-ai/vanna, the `vanna.ask` function is vulnerable to remote code execution due to prompt injection. The root cause is the lack of a sandbox when executing LLM-generated code, allowing an attacker to manipulate the code executed by the `exec` function in `src/vanna/base/base.py`. This vulnerability can be exploited by an attacker to achieve remote code execution on the app backend server, potentially gaining full control of the server. | ||||
| CVE-2024-34393 | 1 Libxmljs Project | 1 Libxmljs | 2026-04-15 | 8.1 High |
| libxmljs2 is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs() that was called on a parsed node. This vulnerability might lead to denial of service (on both 32-bit systems and 64-bit systems), data leak, infinite loop and remote code execution (on 32-bit systems with the XML_PARSE_HUGE flag enabled). | ||||
| CVE-2024-39906 | 1 Havenweb | 1 Haven | 2026-04-15 | 8.4 High |
| A command injection vulnerability was found in the IndieAuth functionality of the Ruby on Rails based Haven blog web application. The affected functionality requires authentication, but an attacker can craft a link that they can pass to a logged in administrator of the blog software. This leads to the immediate execution of the provided commands when the link is accessed by the authenticated administrator. This issue may lead to Remote Code Execution (RCE) and has been addressed by commit `c52f07c`. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2025-50475 | 1 Russound | 1 Mbx Pre D67f | 2026-04-15 | 9.8 Critical |
| An OS command injection vulnerability exists in Russound MBX-PRE-D67F firmware version 3.1.6, allowing unauthenticated attackers to execute arbitrary commands as root via crafted input to the hostname parameter in network configuration requests. This vulnerability stems from improper neutralization of special elements used in an OS command within the network configuration handler, enabling remote code execution with the highest privileges. | ||||
| CVE-2024-22472 | 2026-04-15 | 8.1 High | ||
| A buffer Overflow vulnerability in Silicon Labs 500 Series Z-Wave devices may allow Denial of Service, and potential Remote Code execution This issue affects all versions of Silicon Labs 500 Series SDK prior to v6.85.2 running on Silicon Labs 500 series Z-wave devices. | ||||
| CVE-2024-10771 | 1 Sick | 3 Inspector61x Firmware, Inspector62x Firmware, Tim3xx | 2026-04-15 | 8.8 High |
| Due to missing input validation during one step of the firmware update process, the product is vulnerable to remote code execution. With network access and the user level ”Service”, an attacker can execute arbitrary system commands in the root user’s contexts. | ||||
| CVE-2025-55300 | 2026-04-15 | N/A | ||
| Komari is a lightweight, self-hosted server monitoring tool designed to provide a simple and efficient solution for monitoring server performance. Prior to 1.0.4-fix1, WebSocket upgrader has disabled origin checking, enabling Cross-Site WebSocket Hijacking (CSWSH) attacks against authenticated users. Any third party website can send requests to the terminal websocket endpoint with browser's cookies, resulting in remote code execution. This vulnerability is fixed in 1.0.4-fix1. | ||||
| CVE-2023-41917 | 2026-04-15 | 10 Critical | ||
| Inadequate input validation exposes the system to potential remote code execution (RCE) risks. Attackers can exploit this vulnerability by appending shell commands to the Speed-Measurement feature, enabling unauthorized code execution. | ||||
| CVE-2024-13723 | 2026-04-15 | 7.2 High | ||
| The "NagVis" component within Checkmk is vulnerable to remote code execution. An authenticated attacker with administrative level privileges is able to upload a malicious PHP file and modify specific settings to execute the contents of the file as PHP. | ||||
| CVE-2025-53120 | 1 Securden | 1 Unified Pam | 2026-04-15 | 9.4 Critical |
| A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote code execution on the Unified PAM server. | ||||
| CVE-2011-10013 | 1 Traq | 1 Traq | 2026-04-15 | N/A |
| Traq versions 2.0 through 2.3 contain a remote code execution vulnerability in the admincp/common.php script. The flawed authorization logic fails to halt execution after a failed access check, allowing unauthenticated users to reach admin-only functionality. This can be exploited via plugins.php to inject and execute arbitrary PHP code. | ||||
| CVE-2024-48871 | 1 Planet Technology Corp | 1 Wgs-804hpt Firmware | 2026-04-15 | 9.8 Critical |
| The affected product is vulnerable to a stack-based buffer overflow. An unauthenticated attacker could send a malicious HTTP request that the webserver fails to properly check input size before copying data to the stack, potentially allowing remote code execution. | ||||
| CVE-2024-36115 | 1 Dzikoysk | 1 Reposilite | 2026-04-15 | 7.1 High |
| Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. As a Maven repository manager, Reposilite provides the ability to view the artifacts content in the browser, as well as perform administrative tasks via API. The problem lies in the fact that the artifact's content is served via the same origin (protocol/host/port) as the Admin UI. If the artifact contains HTML content with javascript inside, the javascript is executed within the same origin. Therefore, if an authenticated user is viewing the artifacts content, the javascript inside can access the browser's local storage where the user's password (aka 'token-secret') is stored. It is especially dangerous in scenarios where Reposilite is configured to mirror third party repositories, like the Maven Central Repository. Since anyone can publish an artifact to Maven Central under its own name, such malicious packages can be used to attack the Reposilite instance. This issue may lead to the full Reposilite instance compromise. If this attack is performed against the admin user, it's possible to use the admin API to modify settings and artifacts on the instance. In the worst case scenario, an attacker would be able to obtain the Remote code execution on all systems that use artifacts from Reposilite. It's important to note that the attacker does not need to lure a victim user to use a malicious artifact, but just open a link in the browser. This link can be silently loaded among the other HTML content, making this attack unnoticeable. Even if the Reposilite instance is located in an isolated environment, such as behind a VPN or in the local network, this attack is still possible as it can be performed from the admin browser. Reposilite has addressed this issue in version 3.5.12. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue was discovered and reported by the GitHub Security lab and is also tracked as GHSL-2024-072. | ||||
| CVE-2024-45199 | 2026-04-15 | 8.8 High | ||
| insightsoftware Hive JDBC through 2.6.13 has a remote code execution vulnerability. Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this URL to connect to the database. This can further lead to remote code execution. | ||||
| CVE-2024-34394 | 1 Marudor | 1 Libxmljs2 | 2026-04-15 | 8.1 High |
| libxmljs2 is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces() function (which invokes XmlNode::get_local_namespaces()) on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of service and remote code execution. | ||||
| CVE-2025-2611 | 1 Ict Innovations | 1 Ictbroadcast | 2026-04-15 | N/A |
| The ICTBroadcast application unsafely passes session cookie data to shell processing, allowing an attacker to inject shell commands into a session cookie that get executed on the server. This results in unauthenticated remote code execution in the session handling. Versions 7.4 and below are known to be vulnerable. | ||||
| CVE-2025-14905 | 1 Redhat | 12 Directory Server, Directory Server E4s, Directory Server Eus and 9 more | 2026-04-15 | 7.2 High |
| A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE). | ||||