Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arbitrary code vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6619
Unrestricted file upload vulnerability in class/ApplyDB.php in ClassSystem 2.3 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in class/UploadHomepage/.
Netlab Classsystem 2.3
1 EDB exploit
NA
CVE-2011-2745
upload_handler.php in the swfupload extension in Chyrp 2.0 and previous versions relies on client-side JavaScript code to restrict the file extensions of uploaded files, which allows remote authenticated users to upload a .php file, and consequently execute arbitrary PHP code, vi...
Chyrp Chyrp
1 EDB exploit
7.8
CVSSv3
CVE-2019-1605
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, local malicious user to execute arbitrary code as root. The vulnerability is due to incorrect input validation in the NX-API feature. An attacker could exploit this vulnerability by sendin...
Cisco Nx-os
NA
CVE-2014-7884
Multiple unspecified vulnerabilities in HP ArcSight Logger prior to 6.0P1 have unknown impact and remote authenticated attack vectors.
Hp Arcsight Logger 6.0
1 EDB exploit
NA
CVE-2013-4495
The send_the_mail function in server/svr_mail.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) prior to 4.2.6 allows remote malicious users to execute arbitrary commands via shell metacharacters in the email (-M switch) to qsub.
Adaptivecomputing Torque Resource Manager
Adaptivecomputing Torque Resource Manager 4.1.5.1
Adaptivecomputing Torque Resource Manager 4.1.3
Adaptivecomputing Torque Resource Manager 3.0.4
Adaptivecomputing Torque Resource Manager 3.0.3
Adaptivecomputing Torque Resource Manager 2.5.6
Adaptivecomputing Torque Resource Manager 2.5.5
Adaptivecomputing Torque Resource Manager 2.5.10
Adaptivecomputing Torque Resource Manager 2.5.1
Adaptivecomputing Torque Resource Manager 2.5.0
Adaptivecomputing Torque Resource Manager 2.4.3
Adaptivecomputing Torque Resource Manager 2.4.2
Adaptivecomputing Torque Resource Manager 2.4.11
Adaptivecomputing Torque Resource Manager 2.4.10
Adaptivecomputing Torque Resource Manager 2.3.3
Adaptivecomputing Torque Resource Manager 2.3.2
Adaptivecomputing Torque Resource Manager 2.3.13
Adaptivecomputing Torque Resource Manager 2.2.0
Adaptivecomputing Torque Resource Manager 2.1.9
Adaptivecomputing Torque Resource Manager 2.1.10
Adaptivecomputing Torque Resource Manager 2.0.0
Adaptivecomputing Torque Resource Manager 4.2.4.1
NA
CVE-2008-1585
Apple QuickTime prior to 7.5 uses the url.dll!FileProtocolHandler handler for unrecognized URIs in qt:next attributes within SMIL text in video files, which sends these URIs to explorer.exe and thereby allows remote malicious users to execute arbitrary programs, as originally dem...
Apple Quicktime
NA
CVE-2005-2612
Direct code injection vulnerability in WordPress 1.5.1.3 and previous versions allows remote malicious users to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.2
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.5
1 EDB exploit
NA
CVE-2002-0688
ZCatalog plug-in index support capability for Zope 2.4.0 up to and including 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes.
Zope Zope 2.5.1
Zope Zope 2.4.0
NA
CVE-2010-3036
Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services prior to 4.0 allow remote malicious users to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.
Cisco Ciscoworks Common Services 3.2
Cisco Ciscoworks Common Services 3.3
Cisco Ciscoworks Common Services 3.0.5
Cisco Ciscoworks Common Services 3.0.6
Cisco Ciscoworks Common Services 3.1
Cisco Ciscoworks Common Services 3.1.1
Cisco Unified Operations Manager 2.0.2
Cisco Unified Operations Manager 2.0.3
Cisco Ciscoworks Lan Management Solution 3.0
Cisco Ciscoworks Lan Management Solution 3.1
Cisco Unified Service Monitor 2.0.1
Cisco Qos Policy Manager 4.0
Cisco Ciscoworks Lan Management Solution 3.2
Cisco Security Manager 3.0.2
Cisco Security Manager 3.2
Cisco Qos Policy Manager 4.0.1
Cisco Qos Policy Manager 4.0.2
Cisco Telepresence Readiness Assessment Manager 1.0
Cisco Unified Operations Manager 2.0.1
Cisco Ciscoworks Lan Management Solution 2.6
8.8
CVSSv3
CVE-2013-7325
An issue exists in uscan in devscripts prior to 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball.
Debian Devscripts
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »