Vulnerabilities (CVE)

Filtered by CWE-94
Total 3569 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-8284 1 Microsoft 13 .net Framework, Project Server, Sharepoint Enterprise Server and 10 more 2024-02-04 9.3 HIGH 8.1 HIGH
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.
CVE-2017-1242 1 Ibm 2 Rational Collaborative Lifecycle Management, Rational Quality Manager 2024-02-04 3.5 LOW 5.4 MEDIUM
IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124524.
CVE-2017-16082 1 Node-postgres 1 Pg 2024-02-04 7.5 HIGH 9.8 CRITICAL
A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. There are 2 likely scenarios in which one would likely be vulnerable. 1) Executing unsafe, user-supplied sql which contains a malicious column name. 2) Connecting to an untrusted database and executing a query which returns results where any of the column names are malicious.
CVE-2016-10541 1 Shell-quote Project 1 Shell-quote 2024-02-04 7.5 HIGH 9.8 CRITICAL
The npm module "shell-quote" 1.6.0 and earlier cannot correctly escape ">" and "<" operator used for redirection in shell. Applications that depend on shell-quote may also be vulnerable. A malicious user could perform code injection.
CVE-2016-10546 1 Pouchdb 1 Pouchdb 2024-02-04 10.0 HIGH 9.8 CRITICAL
An arbitrary code injection vector was found in PouchDB 6.0.4 and lesser via the map/reduce functions used in PouchDB temporary views and design documents. The code execution engine for this branch is not properly sandboxed and may be used to run arbitrary JavaScript as well as system commands.
CVE-2018-7951 1 Huawei 40 1288h V5, 1288h V5 Firmware, 2288h V5 and 37 more 2024-02-04 9.0 HIGH 8.8 HIGH
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Successful exploit may allow attackers to obtain the management privilege of the system.
CVE-2018-7466 1 Testlink 1 Testlink 2024-02-04 6.0 MEDIUM 7.5 HIGH
install/installNewDB.php in TestLink through 1.9.16 allows remote attackers to conduct injection attacks by leveraging control over DB LOGIN NAMES data during installation to provide a long, crafted value.
CVE-2017-16020 1 Summit Project 1 Summit 2024-02-04 7.5 HIGH 9.8 CRITICAL
Summit is a node web framework. When using the PouchDB driver in the module, Summit 0.1.0 and later allows an attacker to execute arbitrary commands via the collection name.
CVE-2018-10133 1 Pbootcms 1 Pbootcms 2024-02-04 7.5 HIGH 9.8 CRITICAL
PbootCMS v0.9.8 allows PHP code injection via an IF label in index.php/About/6.html or admin.php/Site/index.html, related to the parserIfLabel function in \apps\home\controller\ParserController.php.
CVE-2018-10086 1 Cmsmadesimple 1 Cms Made Simple 2024-02-04 6.5 MEDIUM 7.2 HIGH
CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary code execution vulnerability in the admin dashboard because the implementation uses "eval('function testfunction'.rand()" and it is possible to bypass certain restrictions on these "testfunction" functions.
CVE-2018-8074 1 Yiiframework 1 Yii 2024-02-04 6.8 MEDIUM 8.1 HIGH
Yii 2.x before 2.0.15 allows remote attackers to inject unintended search conditions via a variant of the CVE-2018-7269 attack in conjunction with the Elasticsearch extension.
CVE-2017-16670 1 Smartbear 1 Soapui 2024-02-04 6.8 MEDIUM 7.8 HIGH
The project import functionality in SoapUI 5.3.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL project file.
CVE-2018-9848 1 Gxlcms 1 Gxlcms Qy 2024-02-04 7.5 HIGH 9.8 CRITICAL
In Gxlcms QY v1.0.0713, the upload function in Lib\Lib\Action\Admin\UploadAction.class.php allows remote attackers to execute arbitrary PHP code by first using an Admin-Admin-Configsave request to change the config[upload_class] value from jpg,gif,png,jpeg to jpg,gif,png,jpeg,php and then making an Admin-Upload-Upload request.
CVE-2018-9174 1 Dedecms 1 Dedecms 2024-02-04 7.5 HIGH 9.8 CRITICAL
sys_verifies.php in DedeCMS 5.7 allows remote attackers to execute arbitrary PHP code via the refiles array parameter, because the contents of modifytmp.inc are under an attacker's control.
CVE-2018-6889 1 Typesettercms 1 Typesetter 2024-02-04 6.5 MEDIUM 8.8 HIGH
An issue was discovered in Typesetter 5.1. It suffers from a Host header injection vulnerability, Using this attack, a malicious user can poison the web cache or perform advanced password reset attacks or even trigger arbitrary user re-direction.
CVE-2018-10515 1 Cmsmadesimple 1 Cms Made Simple 2024-02-04 6.5 MEDIUM 7.2 HIGH
In CMS Made Simple (CMSMS) through 2.2.7, the "file unpack" operation in the admin dashboard contains a remote code execution vulnerability exploitable by an admin user because a .php file can be present in the extracted ZIP archive.
CVE-2018-8073 1 Yiiframework 1 Yii 2024-02-04 7.5 HIGH 9.8 CRITICAL
Yii 2.x before 2.0.15 allows remote attackers to execute arbitrary LUA code via a variant of the CVE-2018-7269 attack in conjunction with the Redis extension.
CVE-2018-5779 1 Mitel 2 Connect Onsite, St14.2 2024-02-04 10.0 HIGH 9.8 CRITICAL
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to copy a malicious script into a newly generated PHP file and then execute the generated file using specially crafted requests. Successful exploit could allow an attacker to execute arbitrary code within the context of the application.
CVE-2017-10835 1 Nippon-antenna 2 Scr02hd, Scr02hd Firmware 2024-02-04 6.5 MEDIUM 8.8 HIGH
"Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows authenticated attackers to conduct code injection attacks via unspecified vectors.
CVE-2016-5713 1 Puppet 1 Puppet Agent 2024-02-04 7.5 HIGH 9.8 CRITICAL
Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol (PXP) agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0.