Search Results (120932 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-36882 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-02-27 8.8 High
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-36910 1 Microsoft 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more 2025-02-27 9.8 Critical
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2023-36911 1 Microsoft 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more 2025-02-27 9.8 Critical
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2023-35385 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-02-27 9.8 Critical
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2023-35389 1 Microsoft 1 Dynamics 365 2025-02-27 6.5 Medium
Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
CVE-2023-38185 1 Microsoft 1 Exchange Server 2025-02-27 8.8 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-38169 1 Microsoft 3 Odbc Driver For Sql Server, Ole Db Driver For Sql Server, Sql Server 2025-02-27 8.8 High
Microsoft SQL OLE DB Remote Code Execution Vulnerability
CVE-2023-35371 1 Microsoft 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more 2025-02-27 7.8 High
Microsoft Office Remote Code Execution Vulnerability
CVE-2023-35372 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2025-02-27 7.8 High
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2023-36895 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2025-02-27 7.8 High
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2023-36896 1 Microsoft 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more 2025-02-27 7.8 High
Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-35388 1 Microsoft 1 Exchange Server 2025-02-27 8 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-38182 1 Microsoft 1 Exchange Server 2025-02-27 8 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-1311 1 Friendly Island Pizza Website And Ordering System Project 1 Friendly Island Pizza Website And Ordering System 2025-02-27 6.3 Medium
A vulnerability, which was classified as critical, was found in SourceCodester Friendly Island Pizza Website and Ordering System 1.0. This affects an unknown part of the file large.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222699.
CVE-2023-28562 1 Qualcomm 136 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 133 more 2025-02-27 9.8 Critical
Memory corruption while handling payloads from remote ESL.
CVE-2023-22301 1 Openatom 1 Openharmony 2025-02-27 6.5 Medium
The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior versions has an arbitrary memory accessing vulnerability which network attackers can launch a remote attack to obtain kernel memory data of the target system.
CVE-2023-28543 1 Qualcomm 8 Qcs405, Qcs405 Firmware, Qcs605 and 5 more 2025-02-27 8.1 High
A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as by loading an untrusted model (e.g. from a remote source).
CVE-2023-39362 2 Cacti, Fedoraproject 2 Cacti, Fedora 2025-02-27 7.2 High
Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions, an authenticated privileged user, can use a malicious string in the SNMP options of a Device, performing command injection and obtaining remote code execution on the underlying server. The `lib/snmp.php` file has a set of functions, with similar behavior, that accept in input some variables and place them into an `exec` call without a proper escape or validation. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2021-36023 1 Magento 1 Magento 2025-02-27 9.1 Critical
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution.
CVE-2023-1043 1 Muyucms 1 Muyucms 2025-02-27 4.3 Medium
A vulnerability was found in MuYuCMS 2.2. It has been classified as problematic. Affected is an unknown function of the file /editor/index.php. The manipulation of the argument dir_path leads to relative path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-221802 is the identifier assigned to this vulnerability.