Export limit exceeded: 21195 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21195 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-65882 | 1 Openmptcprouter | 1 Openmptcprouter | 2026-01-02 | 9.8 Critical |
| An issue was discovered in openmptcprouter thru 0.64 in file common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c in function create_xor_ipad_opad allowing attackers to potentially write arbitrary files or execute arbitrary commands. | ||||
| CVE-2020-36885 | 1 Sony | 3 Ipela Network Camera, Snc-dh120t, Snc-dh120t Firmware | 2026-01-02 | 9.8 Critical |
| Sony IPELA Network Camera 1.82.01 contains a stack buffer overflow vulnerability in the ftpclient.cgi endpoint that allows remote attackers to execute arbitrary code. Attackers can exploit the vulnerability by sending a crafted POST request with oversized data to the FTP client functionality, potentially causing remote code execution or denial of service. | ||||
| CVE-2025-67164 | 1 Pagekit | 1 Pagekit | 2026-01-02 | 9.9 Critical |
| An authenticated arbitrary file upload vulnerability in the /storage/poc.php component of Pagekit CMS v1.0.18 allows attackers to execute arbitrary code via uploading a crafted PHP file. | ||||
| CVE-2025-38068 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-01-02 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the buffer length provided by the caller. Add a safe compression interface that checks for the end of buffer before each write. Use the safe interface in crypto/lzo. | ||||
| CVE-2020-5179 | 1 Comtech | 2 Stampede Fx-1010, Stampede Fx-1010 Firmware | 2026-01-02 | 7.2 High |
| Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Diagnostics Ping page and entering shell metacharacters in the Target IP address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.) | ||||
| CVE-2020-7243 | 1 Comtech | 2 Stampede Fx-1010, Stampede Fx-1010 Firmware | 2026-01-02 | 7.2 High |
| Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL field. (In some cases, authentication can be achieved with the comtech password for the comtech account.) | ||||
| CVE-2020-7244 | 1 Comtech | 2 Stampede Fx-1010, Stampede Fx-1010 Firmware | 2026-01-02 | 7.2 High |
| Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Poll Routes page and entering shell metacharacters in the Router IP Address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.) | ||||
| CVE-2020-7242 | 1 Comtech | 2 Stampede Fx-1010, Stampede Fx-1010 Firmware | 2026-01-02 | 7.2 High |
| Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Diagnostics Trace Route page and entering shell metacharacters in the Target IP address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.) | ||||
| CVE-2019-16790 | 1 Prasathmani | 1 Tiny File Manager | 2025-12-31 | 6.5 Medium |
| In Tiny File Manager before 2.3.9, there is a remote code execution via Upload from URL and Edit/Rename files. Only authenticated users are impacted. | ||||
| CVE-2016-15048 | 1 Amttgroup | 2 Hibos, Hotel Broadband Operation System | 2025-12-31 | 9.8 Critical |
| AMTT Hotel Broadband Operation System (HiBOS) contains an unauthenticated command injection vulnerability in the /manager/radius/server_ping.php endpoint. The application constructs a shell command that includes the user-supplied ip parameter and executes it without proper validation or escaping. An attacker can insert shell metacharacters into the ip parameter to inject and execute arbitrary system commands as the web server user. The initial third-party disclosure in 2016 recommended contacting the vendor for remediation guidance. Additionally, this product may have been rebranded under a different name. VulnCheck has observed this vulnerability being exploited in the wild as of 2025-10-14 at 04:45:53.510819 UTC. | ||||
| CVE-2025-63408 | 2 Ispyconnect, Ispysoftware | 2 Agent Dvr, Agent Dvr | 2025-12-31 | 5.1 Medium |
| Local Agent DVR versions thru 6.6.1.0 are vulnerable to directory traversal that allows an unauthenticated local attacker to gain access to sensitive information, cause a server-side forgery request (SSRF), or execute OS commands. | ||||
| CVE-2025-56130 | 1 Ruijie | 4 Rg-nbs5100-24gt4sfp, Rg-nbs5100-24gt4sfp Firmware, Rg-s1930 and 1 more | 2025-12-31 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH_3.0(1)B11P230 allowing attackers to execute arbitrary commands via a crafted POST request to the module_update in file /usr/local/lua/dev_config/ace_sw.lua. | ||||
| CVE-2022-49950 | 1 Linux | 1 Linux Kernel | 2025-12-31 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix memory corruption on open The probe session-duplication overflow check incremented the session count also when there were no more available sessions so that memory beyond the fixed-size slab-allocated session array could be corrupted in fastrpc_session_alloc() on open(). | ||||
| CVE-2024-23127 | 1 Autodesk | 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more | 2025-12-31 | 7.8 High |
| A maliciously crafted MODEL, SLDPRT, or SLDASM file, when parsed in ODXSW_DLL.dll and libodxdll.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-23126 | 1 Autodesk | 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more | 2025-12-31 | 7.8 High |
| A maliciously crafted CATPART file when parsed CC5Dll.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-23125 | 1 Autodesk | 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more | 2025-12-31 | 7.8 High |
| A maliciously crafted SLDPRT file when parsed ODXSW_DLL.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-11422 | 1 Autodesk | 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more | 2025-12-31 | 7.8 High |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-23138 | 1 Autodesk | 17 Aautocad Lt, Advance Steel, Autocad and 14 more | 2025-12-31 | 7.8 High |
| A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-62862 | 1 Amperecomputing | 27 Ampereone A128-34x, Ampereone A128-34x Firmware, Ampereone A144-24x and 24 more | 2025-12-31 | 4.6 Medium |
| Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver that could result in (1) an out-of-bounds read which leaks Secure-EL0 information to a process running in Non-Secure state or (2) an out-of-bounds write which corrupts Secure or Non-Secure memory, limited to memory mapped to UEFI-MM Secure Partition by the Secure Partition Manager. | ||||
| CVE-2025-63414 | 2 Allsky, Allskyteam | 2 Allsky, Allsky | 2025-12-31 | 10 Critical |
| A Path Traversal vulnerability in the Allsky WebUI version v2024.12.06_06 allows an unauthenticated remote attacker to achieve arbitrary command execution. By sending a crafted HTTP request to the /html/execute.php endpoint with a malicious payload in the id parameter, an attacker can execute arbitrary commands on the underlying operating system, leading to full remote code execution (RCE). | ||||