Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arbitrary code vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2008-6619
Unrestricted file upload vulnerability in class/ApplyDB.php in ClassSystem 2.3 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in class/UploadHomepage/.
Netlab Classsystem 2.3
1 EDB exploit
655
VMScore
CVE-2011-2745
upload_handler.php in the swfupload extension in Chyrp 2.0 and previous versions relies on client-side JavaScript code to restrict the file extensions of uploaded files, which allows remote authenticated users to upload a .php file, and consequently execute arbitrary PHP code, vi...
Chyrp Chyrp
1 EDB exploit
641
VMScore
CVE-2019-1605
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, local malicious user to execute arbitrary code as root. The vulnerability is due to incorrect input validation in the NX-API feature. An attacker could exploit this vulnerability by sendin...
Cisco Nx-os
NA
CVE-2023-38146
Windows Themes Remote Code Execution Vulnerability
Microsoft Windows 11 22h2
Microsoft Windows 11 21h2
5 Github repositories
578
VMScore
CVE-2013-7325
An issue exists in uscan in devscripts prior to 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball.
Debian Devscripts
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
605
VMScore
CVE-2013-7050
The get_main_source_dir function in scripts/uscan.pl in devscripts prior to 2.13.8, when using USCAN_EXCLUSION, allows remote malicious users to execute arbitrary commands via shell metacharacters in a directory name.
Devscripts Devel Team Devscripts 2.13.5
Devscripts Devel Team Devscripts 2.13.2
Devscripts Devel Team Devscripts
Devscripts Devel Team Devscripts 2.13.4
Devscripts Devel Team Devscripts 2.13.1
Devscripts Devel Team Devscripts 2.13.0
Devscripts Devel Team Devscripts 2.13.6
Devscripts Devel Team Devscripts 2.13.3
668
VMScore
CVE-2002-0688
ZCatalog plug-in index support capability for Zope 2.4.0 up to and including 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes.
Zope Zope 2.5.1
Zope Zope 2.4.0
NA
CVE-2023-31873
Gin 0.7.4 allows execution of arbitrary code when a crafted file is opened, e.g., via require('child_process').
Gin Project Gin 0.7.4
231
VMScore
CVE-2008-2960
Cross-site scripting (XSS) vulnerability in phpMyAdmin prior to 2.11.7, when register_globals is enabled and .htaccess support is disabled, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors involving scripts in libraries/.
Phpmyadmin Phpmyadmin 2.10.0
Phpmyadmin Phpmyadmin 2.10.0.1
Phpmyadmin Phpmyadmin 2.11.0rc1
Phpmyadmin Phpmyadmin 2.11.1
Phpmyadmin Phpmyadmin 2.11.3
Phpmyadmin Phpmyadmin 2.11.3rc1
Phpmyadmin Phpmyadmin 2.11.6
Phpmyadmin Phpmyadmin 2.11.6rc1
Phpmyadmin Phpmyadmin 2.10.3
Phpmyadmin Phpmyadmin 2.10.3rc1
Phpmyadmin Phpmyadmin 2.11.1rc1
Phpmyadmin Phpmyadmin 2.11.2
Phpmyadmin Phpmyadmin 2.11.5
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin 2.10.0.2
Phpmyadmin Phpmyadmin 2.10.1
Phpmyadmin Phpmyadmin 2.10.2
Phpmyadmin Phpmyadmin 2.11.1.1
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 2.11.4
Phpmyadmin Phpmyadmin 2.11.4rc1
Phpmyadmin Phpmyadmin 2.11.0
641
VMScore
CVE-2019-20357
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vul...
Trendmicro Antivirus \\+ Security 2019 15.0
Trendmicro Antivirus \\+ Security 2020 16.0
Trendmicro Internet Security 2019 15.0
Trendmicro Internet Security 2020 16.0
Trendmicro Maximum Security 2019 15.0
Trendmicro Maximum Security 2020 16.0
Trendmicro Premium Security 2019 15.0
Trendmicro Premium Security 2020 16.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »