Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arbitrary code vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-16881
<p>A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the ...
Microsoft Visual Studio Code
7.8
CVSSv3
CVE-2019-1414
An elevation of privilege vulnerability exists in Visual Studio Code when it exposes a debug listener to users of a local computer, aka 'Visual Studio Code Elevation of Privilege Vulnerability'.
Microsoft Visual Studio Code
5.5
CVSSv3
CVE-2023-46021
SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows malicious users to run arbitrary commands via the 'reqid' parameter.
Code-projects Blood Bank 1.0
1 Github repository
NA
CVE-2012-4655
The WebLaunch feature in Cisco Secure Desktop prior to 3.6.6020 does not properly validate binaries that are received by the downloader process, which allows remote malicious users to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug IDs CSC...
Cisco Secure Desktop 3.1.1.33
Cisco Secure Desktop 3.6.3002
Cisco Secure Desktop 3.6.185
Cisco Secure Desktop 3.5
Cisco Secure Desktop 3.3
Cisco Secure Desktop 3.6.2002
Cisco Secure Desktop 3.1.1.45
Cisco Secure Desktop 3.4.2048
Cisco Secure Desktop 3.6.181
Cisco Secure Desktop 3.6.1001
Cisco Secure Desktop 3.1.1
Cisco Secure Desktop 3.5.841
Cisco Secure Desktop 3.5.2008
Cisco Secure Desktop 3.2
Cisco Secure Desktop 3.5.2001
Cisco Secure Desktop 3.2.1
Cisco Secure Desktop 3.4
Cisco Secure Desktop 3.1.1.27
Cisco Secure Desktop 3.5.1077
Cisco Secure Desktop 3.4.2
Cisco Secure Desktop 3.6.5005
Cisco Secure Desktop 3.6.4021
NA
CVE-2012-2493
The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x prior to 2.5 MR6 on Windows, and 2.x prior to 2.5 MR6 and 3.x prior to 3.0 MR8 on Mac OS X and Linux, does not properly validate binaries that are received by the downloader ...
Cisco Anyconnect Secure Mobility Client 2.0
Cisco Anyconnect Secure Mobility Client 2.1
Cisco Anyconnect Secure Mobility Client 2.2
Cisco Anyconnect Secure Mobility Client 2.2.128
Cisco Anyconnect Secure Mobility Client 2.2.133
Cisco Anyconnect Secure Mobility Client 2.2.136
Cisco Anyconnect Secure Mobility Client 2.2.140
Cisco Anyconnect Secure Mobility Client 2.3
Cisco Anyconnect Secure Mobility Client 2.3.185
Cisco Anyconnect Secure Mobility Client 2.3.254
Cisco Anyconnect Secure Mobility Client 2.3.2016
Cisco Anyconnect Secure Mobility Client 2.4
Cisco Anyconnect Secure Mobility Client 2.4.0202
Cisco Anyconnect Secure Mobility Client 2.4.1012
Cisco Anyconnect Secure Mobility Client 2.5
Cisco Anyconnect Secure Mobility Client 3.0
NA
CVE-2012-2494
The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x prior to 2.5 MR6 and 3.x prior to 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote malicious users to fo...
Cisco Anyconnect Secure Mobility Client 3.0
Cisco Anyconnect Secure Mobility Client 2.2.128
Cisco Anyconnect Secure Mobility Client 2.3
Cisco Anyconnect Secure Mobility Client 2.3.2016
Cisco Anyconnect Secure Mobility Client 2.1
Cisco Anyconnect Secure Mobility Client 2.2
Cisco Anyconnect Secure Mobility Client 2.2.133
Cisco Anyconnect Secure Mobility Client 2.4.1012
Cisco Anyconnect Secure Mobility Client 2.3.185
Cisco Anyconnect Secure Mobility Client 2.2.136
Cisco Anyconnect Secure Mobility Client 2.2.140
Cisco Anyconnect Secure Mobility Client 2.5
Cisco Anyconnect Secure Mobility Client 2.4
Cisco Anyconnect Secure Mobility Client 2.4.0202
Cisco Anyconnect Secure Mobility Client 2.0
Cisco Anyconnect Secure Mobility Client 2.3.254
5.4
CVSSv3
CVE-2023-46580
Cross-Site Scripting (XSS) vulnerability in Inventory Management V1.0 allows malicious users to execute arbitrary code via the pname parameter of the editProduct.php component.
Code-projects Inventory Management 1.0
1 Github repository
6.1
CVSSv3
CVE-2023-46019
Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows malicious users to run arbitrary code via the 'error' parameter.
Code-projects Blood Bank 1.0
1 Github repository
NA
CVE-2009-1624
Directory traversal vulnerability in index.php in Dew-NewPHPLinks 2.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the show parameter.
Dew-code Dew-newphplinks 2.0
1 EDB exploit
6.1
CVSSv3
CVE-2023-46015
Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows malicious users to run arbitrary code via 'msg' parameter in application URL.
Code-projects Blood Bank 1.0
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »