Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
code execution vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2022-21991
Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability
Microsoft Visual Studio Code -
7.8
CVSSv3
CVE-2019-0091
Code injection vulnerability in installer for Intel(R) CSME prior to 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.
Intel Converged Security And Management Engine
Intel Trusted Execution Technology
8.8
CVSSv3
CVE-2021-21677
Jenkins Code Coverage API Plugin 1.4.0 and previous versions does not apply Jenkins JEP-200 deserialization protection to Java objects it deserializes from disk, resulting in a remote code execution vulnerability.
Jenkins Code Coverage Api
6.2
CVSSv3
CVE-2018-12199
Buffer overflow in an OS component in Intel CSME prior to 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version prior to 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access.
Intel Trusted Execution Engine Firmware
Intel Converged Security Management Engine Firmware
9.9
CVSSv3
CVE-2022-28802
Code by Zapier prior to 2022-08-17 allowed intra-account privilege escalation that included execution of Python or JavaScript code. In other words, Code by Zapier was providing a customer-controlled general-purpose virtual machine that unintentionally granted full access to all u...
Zapier Code By Zapier
7
CVSSv3
CVE-2020-16977
<p>A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads a Jupyter notebook file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged...
Microsoft Visual Studio Code -
1 Github repository
7.8
CVSSv3
CVE-2020-0604
A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on...
Microsoft Visual Studio Code
7.8
CVSSv3
CVE-2020-16881
<p>A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the ...
Microsoft Visual Studio Code
7.8
CVSSv3
CVE-2020-17023
<p>A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the ...
Microsoft Visual Studio Code -
1 Github repository
1 Article
8.8
CVSSv3
CVE-2020-1481
A remote code execution vulnerability exists in the ESLint extension for Visual Studio Code when it validates source code after opening a project, aka 'Visual Studio Code ESLint Extention Remote Code Execution Vulnerability'.
Microsoft Visual Studio Code Eslint Extension
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »