Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arbitrary code vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-37454
The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows malicious users to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.
Extended Keccak Code Package Project Extended Keccak Code Package -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Php Php
Python Python
Sha3 Project Sha3
Pysha3 Project Pysha3
Pypy Pypy
1 Github repository
5
CVSSv2
CVE-2021-25664
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1...
Siemens Nucleus Source Code -
Siemens Capital Vstar -
Siemens Nucleus Net -
Siemens Nucleus Readystart V3
Siemens Nucleus Readystart V4
5
CVSSv2
CVE-2021-31344
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE ...
Siemens Nucleus Source Code
Siemens Nucleus Net
Siemens Capital Vstar
Siemens Nucleus Readystart V4
Siemens Nucleus Readystart V3
Siemens Apogee Modular Building Controller Firmware
Siemens Apogee Modular Equiment Controller Firmware
Siemens Apogee Pxc Compact Firmware
Siemens Apogee Pxc Modular Firmware
Siemens Talon Tc Compact Firmware
Siemens Talon Tc Modular Firmware
6.8
CVSSv2
CVE-2011-3230
Apple Safari prior to 5.1.1 on Mac OS X does not enforce an intended policy for file: URLs, which allows remote malicious users to execute arbitrary code via a crafted web site.
Apple Safari
Apple Safari 5.0.6
Apple Safari 4.1.2
Apple Safari 4.1.1
Apple Safari 4.1
Apple Safari 4.0.0b
Apple Safari 4.0
Apple Safari 3.1.2b
Apple Safari 3.1.2
Apple Safari 3.0.4b
Apple Safari 3.0.4
Apple Safari 3.0.2b
Apple Safari 3.0.2
Apple Safari 3.0.0b
Apple Safari 2.0.3
Apple Safari 2
Apple Safari 1.3.2
Apple Safari 1.2.4
Apple Safari 1.2.3
Apple Safari 1.0b1
Apple Safari 1.0
Apple Safari 1.0.0b2
1 EDB exploit
7.5
CVSSv2
CVE-2004-0285
PHP remote file inclusion vulnerabilities in include/footer.inc.php in (1) AllMyVisitors, (2) AllMyLinks, and (3) AllMyGuests allow remote malicious users to execute arbitrary PHP code via a URL in the _AMVconfig[cfg_serverpath] parameter.
Allmyguests Project Allmyguests 0.4.1
Allmyguests Project Allmyguests 0.4
Allmyguests Project Allmyguests 0.3
Allmyguests Project Allmyguests 0.1.2
Allmylinks Project Allmylinks 0.3
Allmylinks Project Allmylinks 0.4
Allmylinks Project Allmylinks 0.4.1
Allmylinks Project Allmylinks 0.4.3
Allmylinks Project Allmylinks 0.4.4
Allmylinks Project Allmylinks 0.4.9
Allmylinks Project Allmylinks 0.5
Allmyvisitors Project Allmyvisitors 0.4
Allmyvisitors Project Allmyvisitors 0.3
3 EDB exploits
4.6
CVSSv2
CVE-2001-0653
Sendmail 8.10.0 up to and including 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number.
Sendmail Sendmail 8.12
Sendmail Sendmail 8.11.0
Sendmail Sendmail 8.11.1
Sendmail Sendmail 8.11.2
Sendmail Sendmail 8.11.3
Sendmail Sendmail 8.11.4
Sendmail Sendmail 8.11.5
4 EDB exploits
6.8
CVSSv2
CVE-2019-13623
In NSA Ghidra prior to 9.1, path traversal can occur in RestoreTask.java (from the package ghidra.app.plugin.core.archive) via an archive with an executable file that has an initial ../ in its filename. This allows malicious users to overwrite arbitrary files in scenarios where a...
Nsa Ghidra
1 EDB exploit
7.2
CVSSv2
CVE-2003-1051
Multiple format string vulnerabilities in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via certain command line arguments to (1) db2start, (2) db2stop, or (3) db2govd.
Ibm Db2 9.0
3 EDB exploits
9.3
CVSSv2
CVE-2012-1661
ESRI ArcMap 9 and ArcGIS 10.0.2.3200 and previous versions does not properly prompt users before executing embedded VBA macros, which allows user-assisted remote malicious users to execute arbitrary VBA code via a crafted map (.mxd) file.
Esri Arcgis
Esri Arcgis 9.0
Esri Arcmap 9.0
1 EDB exploit
7.5
CVSSv2
CVE-2004-1456
filediff in CVStrac allows remote malicious users to execute arbitrary commands via shell metacharacters in rcsinfo.
Cvstrac Cvstrac 1.1.3
Cvstrac Cvstrac 1.1
Cvstrac Cvstrac 1.1.1
Cvstrac Cvstrac 1.1.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »