| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| Windows Media Video Decoder Remote Code Execution Vulnerability |
| Online Ordering System 1.0 is vulnerable to arbitrary file upload through /onlineordering/GPST/store/initiateorder.php, which may lead to remote code execution (RCE). |
| LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution because the Migration Tool (in the Support section) allows upload of .php files within a system.tar.gz file. The .php file becomes accessible with a public/system/static URI. |
| Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody. |
| Draeger X-Dock Firmware before 03.00.13 has Active Debug Code on a debug port, leading to remote code execution by an authenticated attacker. |
| Draeger X-Dock Firmware before 03.00.13 has Hard-Coded Credentials, leading to remote code execution by an authenticated attacker. |
| Deutsche Post Mailoptimizer 4.3 before 2020-11-09 allows Directory Traversal via a crafted ZIP archive to the Upload feature or the MO Connect component. This can lead to remote code execution. |
| Remote Code Execution (RCE) vulnerability exists in MaxSite CMS v107.5 via the Documents page. |
| A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in which a database SUPER user can execute OS commands after modifying wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an Oracle product. |
