| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Exposed Hazardous Function Remote Code Execution vulnerability which could allow an unprivileged client to manipulate the registry and escalate privileges to SYSTEM on affected installations. Authentication is required to exploit this vulnerability. |
| SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution. |
| Maian Cart v3.8 contains a preauthorization remote code execution (RCE) exploit via a broken access control issue in the Elfinder plugin. |
| DedeCMS V5.7 SP2 contains a CSRF vulnerability that allows a remote attacker to send a malicious request to to the web manager allowing remote code execution. |
| Microsoft Defender Remote Code Execution Vulnerability |
| Power BI Remote Code Execution Vulnerability |
| Microsoft Intune Management Extension Remote Code Execution Vulnerability |
| VP9 Video Extensions Remote Code Execution Vulnerability |
| Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Microsoft SharePoint Server Remote Code Execution Vulnerability |
| HEVC Video Extensions Remote Code Execution Vulnerability |
| Paint 3D Remote Code Execution Vulnerability |
| 3D Viewer Remote Code Execution Vulnerability |
| Microsoft Office Graphics Remote Code Execution Vulnerability |
| Microsoft Office Graphics Remote Code Execution Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
| A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain filenames (e.g., .phar or .pht). A remote authenticated administrator is able to upload a file containing arbitrary PHP code into specific directories via main/inc/lib/fileUpload.lib.php directory traversal to achieve PHP code execution. |
| In JetBrains TeamCity before 2020.2.4, OS command injection leading to remote code execution was possible. |
| In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible. |
| A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution. |
