| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. |
| IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 259116. |
| IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit. |
|
Versions of INEA ME RTU firmware 3.36b and prior are vulnerable to operating system (OS) command injection, which could allow remote code execution.
|
| In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. |
| there is a possible out of bounds write due to buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
|
| In several functions of Exynos modem files, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.
|
| In TBD of TBD, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
|
| The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability allows an unauthenticated user to achieve the Remote Code Execution. |
| The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an authenticated user to abuse SolarWinds service resulting in remote code execution. |
| The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse a SolarWinds service resulting in a remote code execution. |
| The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability can be abused by unauthenticated users on SolarWinds ARM Server. |
| The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows authenticated users to abuse SolarWinds ARM API. |
| Remote Code Execution vulnerability in DedeCMS through 5.7.109 allows remote attackers to run arbitrary code via crafted POST request to /dede/tpl.php. |
| Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers and repeaters EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches SWITCH_3.0(1)B11P218, RG-EG series business VPN routers EG_3.0(1)B11P216, EAP and RAP series wireless access points AP_3.0(1)B11P218, NBC series wireless controllers AC_3.0(1)B11P86 allows unauthorized remote attackers to gain the highest privileges via crafted POST request to /cgi-bin/luci/api/auth. |
| In certain EZVIZ products, two stack buffer overflows in netClientSetWlanCfg function of the EZVIZ SDK command server can allow an authenticated attacker present on the same local network as the camera to achieve remote code execution. This affects CS-C6N-B0-1G2WF Firmware versions before V5.3.0 build 230215 and CS-C6N-R101-1G2WF Firmware versions before V5.3.0 build 230215 and CS-CV310-A0-1B2WFR Firmware versions before V5.3.0 build 230221 and CS-CV310-A0-1C2WFR-C Firmware versions before V5.3.2 build 230221 and CS-C6N-A0-1C2WFR-MUL Firmware versions before V5.3.2 build 230218 and CS-CV310-A0-3C2WFRL-1080p Firmware versions before V5.2.7 build 230302 and CS-CV310-A0-1C2WFR Wifi IP66 2.8mm 1080p Firmware versions before V5.3.2 build 230214 and CS-CV248-A0-32WMFR Firmware versions before V5.2.3 build 230217 and EZVIZ LC1C Firmware versions before V5.3.4 build 230214. The impact is: execute arbitrary code (remote). |
| Langchain before v0.0.225 was discovered to contain a remote code execution (RCE) vulnerability in the component JiraAPIWrapper (aka the JIRA API wrapper). This vulnerability allows attackers to execute arbitrary code via crafted input. As noted in the "releases/tag" reference, a fix is available. |
| A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing unauthenticated attackers to write PHP files on the server's root directory, resulting in remote code execution. |
