Export limit exceeded: 10103 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10103 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-21480 | 1 Sap | 1 Manufacturing Integration And Intelligence | 2025-05-05 | 8.8 High |
| SAP MII allows users to create dashboards and save them as JSP through the SSCE (Self Service Composition Environment). An attacker can intercept a request to the server, inject malicious JSP code in the request and forward to server. When this dashboard is opened by users having at least SAP_XMII Developer role, malicious content in the dashboard gets executed, leading to remote code execution in the server, which allows privilege escalation. The malicious JSP code can contain certain OS commands, through which an attacker can read sensitive files in the server, modify files or even delete contents in the server thus compromising the confidentiality, integrity and availability of the server hosting the SAP MII application. Also, an attacker authenticated as a developer can use the application to upload and execute a file which will permit them to execute operating systems commands completely compromising the server hosting the application. | ||||
| CVE-2024-4323 | 1 Treasuredata | 1 Fluent Bit | 2025-05-05 | 9.8 Critical |
| A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedded http server’s parsing of trace requests and may result in denial of service conditions, information disclosure, or remote code execution. | ||||
| CVE-2023-39143 | 2 Microsoft, Papercut | 3 Windows, Papercut Mf, Papercut Ng | 2025-05-05 | 9.8 Critical |
| PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. This leads to remote code execution when external device integration is enabled (a very common configuration). | ||||
| CVE-2023-29468 | 1 Ti | 1 Wilink8-wifi-mcp8 | 2025-05-05 | 9.8 Critical |
| The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can be parsed in a management frame. Using a specially crafted frame, a buffer overflow can be triggered that can potentially lead to remote code execution. This affects WILINK8-WIFI-MCP8 version 8.5_SP3 and earlier. | ||||
| CVE-2024-21591 | 1 Juniper | 1 Junos | 2025-05-05 | 9.8 Critical |
| An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device. This issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory. This issue affects Juniper Networks Junos OS SRX Series and EX Series: * Junos OS versions earlier than 20.4R3-S9; * Junos OS 21.2 versions earlier than 21.2R3-S7; * Junos OS 21.3 versions earlier than 21.3R3-S5; * Junos OS 21.4 versions earlier than 21.4R3-S5; * Junos OS 22.1 versions earlier than 22.1R3-S4; * Junos OS 22.2 versions earlier than 22.2R3-S3; * Junos OS 22.3 versions earlier than 22.3R3-S2; * Junos OS 22.4 versions earlier than 22.4R2-S2, 22.4R3. | ||||
| CVE-2022-24942 | 1 Silabs | 1 Micrium Uc-http | 2025-05-05 | 9.1 Critical |
| Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request. | ||||
| CVE-2024-21318 | 1 Microsoft | 1 Sharepoint Server | 2025-05-03 | 8.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2024-20700 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-05-03 | 7.5 High |
| Windows Hyper-V Remote Code Execution Vulnerability | ||||
| CVE-2024-20682 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-05-03 | 7.8 High |
| Windows Cryptographic Services Remote Code Execution Vulnerability | ||||
| CVE-2024-20677 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-05-03 | 7.8 High |
| A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have access to it. This includes Office 2019, Office 2021, Office LTSC for Mac 2021, and Microsoft 365. As of February 13, 2024, the ability to insert FBX files has also been disabled in 3D Viewer. 3D models in Office documents that were previously inserted from a FBX file will continue to work as expected unless the Link to File option was chosen at insert time. This change is effective as of the January 9, 2024 security update. | ||||
| CVE-2024-20676 | 1 Microsoft | 1 Azure Storage Mover | 2025-05-03 | 8 High |
| Azure Storage Mover Remote Code Execution Vulnerability | ||||
| CVE-2024-21399 | 1 Microsoft | 1 Edge Chromium | 2025-05-03 | 8.3 High |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | ||||
| CVE-2024-21391 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-05-03 | 8.8 High |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2024-21378 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-05-03 | 8.8 High |
| Microsoft Outlook Remote Code Execution Vulnerability | ||||
| CVE-2024-21370 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-05-03 | 8.8 High |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2024-21365 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-05-03 | 8.8 High |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2024-21359 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-05-03 | 8.8 High |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2024-21347 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-05-03 | 7.5 High |
| Microsoft ODBC Driver Remote Code Execution Vulnerability | ||||
| CVE-2024-21341 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-05-03 | 6.8 Medium |
| Windows Kernel Remote Code Execution Vulnerability | ||||
| CVE-2024-21420 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-05-03 | 8.8 High |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||