Export limit exceeded: 343363 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10092 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10092 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-50628 | 1 Digi | 7 Connectport Lts 16, Connectport Lts 16 Mei, Connectport Lts 16 Mei 2ac and 4 more | 2025-06-27 | 8.8 High |
| An issue was discovered in the web services of Digi ConnectPort LTS before 1.4.12. It allows an attacker on the local area network to achieve unauthorized manipulation of resources, which may lead to remote code execution when combined with other issues. | ||||
| CVE-2025-46616 | 1 Quantum | 1 Stornext | 2025-06-27 | 9.9 Critical |
| Quantum StorNext Web GUI API before 7.2.4 allows potential Arbitrary Remote Code Execution (RCE) via upload of a file. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and ActiveScale Cold Storage. | ||||
| CVE-2025-29902 | 2 Rts, Telex | 2 Vlink Virtual Matrix Software, Remote Dispatch Console Server | 2025-06-27 | 10 Critical |
| Remote code execution that allows unauthorized users to execute arbitrary code on the server machine. | ||||
| CVE-2024-22274 | 1 Vmware | 2 Cloud Foundation, Vcenter Server | 2025-06-27 | 7.2 High |
| The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system. | ||||
| CVE-2025-27520 | 1 Bentoml | 1 Bentoml | 2025-06-27 | 9.8 Critical |
| BentoML is a Python library for building online serving systems optimized for AI apps and model inference. A Remote Code Execution (RCE) vulnerability caused by insecure deserialization has been identified in the latest version (v1.4.2) of BentoML. It allows any unauthenticated user to execute arbitrary code on the server. It exists an unsafe code segment in serde.py. This vulnerability is fixed in 1.4.3. | ||||
| CVE-2018-14671 | 1 Clickhouse | 1 Clickhouse | 2025-06-25 | N/A |
| In ClickHouse before 18.10.3, unixODBC allowed loading arbitrary shared objects from the file system which led to a Remote Code Execution vulnerability. | ||||
| CVE-2022-30194 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-06-24 | 7.5 High |
| Windows WebBrowser Control Remote Code Execution Vulnerability | ||||
| CVE-2022-30176 | 1 Microsoft | 1 Azure Real Time Operating System Guix Studio | 2025-06-24 | 7.8 High |
| Azure RTOS GUIX Studio Remote Code Execution Vulnerability | ||||
| CVE-2022-30175 | 1 Microsoft | 1 Azure Real Time Operating System Guix Studio | 2025-06-24 | 7.8 High |
| Azure RTOS GUIX Studio Remote Code Execution Vulnerability | ||||
| CVE-2024-31473 | 2 Arubanetworks, Hp | 3 Arubaos, Instant, Instantos | 2025-06-24 | 9.8 Critical |
| There is a command injection vulnerability in the underlying deauthentication service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2025-3642 | 1 Moodle | 1 Moodle | 2025-06-24 | 8.8 High |
| A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS EQUELLA repository. By default, this was only available to teachers and managers on sites with the EQUELLA repository enabled. | ||||
| CVE-2025-3641 | 1 Moodle | 1 Moodle | 2025-06-24 | 8.8 High |
| A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled. | ||||
| CVE-2024-31472 | 2 Arubanetworks, Hp | 3 Arubaos, Instant, Instantos | 2025-06-24 | 9.8 Critical |
| There are command injection vulnerabilities in the underlying Soft AP Daemon service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2024-31471 | 2 Arubanetworks, Hp | 3 Arubaos, Instant, Instantos | 2025-06-24 | 9.8 Critical |
| There is a command injection vulnerability in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2024-31470 | 2 Arubanetworks, Hp | 3 Arubaos, Instant, Instantos | 2025-06-24 | 9.8 Critical |
| There is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2024-31469 | 2 Arubanetworks, Hp | 3 Arubaos, Instant, Instantos | 2025-06-24 | 9.8 Critical |
| There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2024-31468 | 2 Arubanetworks, Hp | 3 Arubaos, Instant, Instantos | 2025-06-24 | 9.8 Critical |
| There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2024-31467 | 2 Arubanetworks, Hp | 3 Arubaos, Instant, Instantos | 2025-06-24 | 9.8 Critical |
| There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2024-31466 | 2 Arubanetworks, Hp | 3 Arubaos, Instant, Instantos | 2025-06-24 | 9.8 Critical |
| There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2025-6002 | 1 Virtuemart | 1 Virtuemart | 2025-06-24 | 7.2 High |
| An unrestricted file upload vulnerability exists in the Product Image section of the VirtueMart backend. Authenticated attackers can upload files with arbitrary extensions, including executable or malicious files, potentially leading to remote code execution or other security impacts depending on server configuration. | ||||