Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
remote code execution vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2020-17023
<p>A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the ...
Microsoft Visual Studio Code -
1 Github repository
1 Article
6.5
CVSSv2
CVE-2020-2189
Jenkins SCM Filter Jervis Plugin 0.2.1 and previous versions does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.
Jenkins Source Code Management Filter Jervis
9.3
CVSSv2
CVE-2013-1296
The Remote Desktop ActiveX control in mstscax.dll in Microsoft Remote Desktop Connection Client 6.1 and 7.0 does not properly handle objects in memory, which allows remote malicious users to execute arbitrary code via a web page that triggers access to a deleted object, and allow...
Microsoft Remote Desktop Connection 7.0
Microsoft Remote Desktop Connection 6.1
1 Article
6.8
CVSSv2
CVE-2021-26700
Visual Studio Code npm-script Extension Remote Code Execution Vulnerability
Microsoft Visual Studio Code Npm-script Extension
2 Github repositories
6.8
CVSSv2
CVE-2021-31213
Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability
Microsoft Remote
7.5
CVSSv2
CVE-2014-2913
Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and previous versions allows remote malicious users to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe. NOTE: this issue is disputed by multiple par...
Opensuse Opensuse 12.3
Opensuse Opensuse 11.4
Nagios Remote Plugin Executor
Opensuse Opensuse 13.1
2 EDB exploits
6.8
CVSSv2
CVE-2012-2496
A certain Java applet in the VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 3.x prior to 3.0 MR7 on 64-bit Linux platforms does not properly restrict use of Java components, which allows remote malicious users to execute arbitrar...
Cisco Anyconnect Secure Mobility Client 3.0
6.8
CVSSv2
CVE-2021-21353
Pug is an npm package which is a high-performance template engine. In pug before version 3.0.1, if a remote attacker was able to control the `pretty` option of the pug compiler, e.g. if you spread a user provided object such as the query parameters of a request into the pug templ...
Pugjs Pug
Pugjs Pug-code-gen
9.3
CVSSv2
CVE-2021-27083
Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability
Microsoft Remote Development -
6.8
CVSSv2
CVE-2021-28470
Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability
Microsoft Visual Studio Code Github Pull Requests And Issues
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »