Export limit exceeded: 10146 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10146 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22403 | 1 Google | 1 Android | 2025-09-02 | 9.8 Critical |
| In sdp_snd_service_search_req of sdp_discovery.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-22408 | 1 Google | 1 Android | 2025-09-02 | 9.8 Critical |
| In rfc_check_send_cmd of rfc_utils.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-35113 | 2 Agiloft, Atlassian | 2 Agiloft, Agiloft | 2025-09-02 | 5.9 Medium |
| Agiloft Release 28 does not properly neutralize special elements used in an EUI template engine, allowing an authenticated attacker to achieve remote code execution by loading a specially crafted payload. Users should upgrade to Agiloft Release 31. | ||||
| CVE-2025-53002 | 1 Hiyouga | 1 Llama-factory | 2025-09-02 | 8.3 High |
| LLaMA-Factory is a tuning library for large language models. A remote code execution vulnerability was discovered in LLaMA-Factory versions up to and including 0.9.3 during the LLaMA-Factory training process. This vulnerability arises because the `vhead_file` is loaded without proper safeguards, allowing malicious attackers to execute arbitrary malicious code on the host system simply by passing a malicious `Checkpoint path` parameter through the `WebUI` interface. The attack is stealthy, as the victim remains unaware of the exploitation. The root cause is that the `vhead_file` argument is loaded without the secure parameter `weights_only=True`. Version 0.9.4 contains a fix for the issue. | ||||
| CVE-2024-42987 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2025-09-02 | 7.5 High |
| Tenda FH1206 v02.03.01.35 was discovered to contain a stack-based buffer overflow vulnerability in the fromPptpUserAdd function. The vulnerability can be triggered via the modino, username, newpwd, or pptpdnetseg parameters, all of which are passed via HTTP POST and used in unsafe sprintf calls without proper length validation. A remote attacker can exploit this flaw through a crafted POST request, which may cause a Denial of Service (DoS). In certain scenarios, this issue could potentially be leveraged to achieve remote code execution. | ||||
| CVE-2022-4283 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2025-08-29 | 7.8 High |
| A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. | ||||
| CVE-2020-17159 | 2 Microsoft, Redhat | 2 Visual Studio Code, Language Support For Java | 2025-08-28 | 7.8 High |
| Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability | ||||
| CVE-2020-17158 | 1 Microsoft | 1 Dynamics 365 | 2025-08-28 | 8.8 High |
| Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability | ||||
| CVE-2020-17156 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2025-08-28 | 7.8 High |
| Visual Studio Remote Code Execution Vulnerability | ||||
| CVE-2020-17152 | 1 Microsoft | 1 Dynamics 365 | 2025-08-28 | 8.8 High |
| Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability | ||||
| CVE-2020-17150 | 1 Microsoft | 2 Tslint, Visual Studio Code | 2025-08-28 | 7.8 High |
| Visual Studio Code Remote Code Execution Vulnerability | ||||
| CVE-2020-17148 | 1 Microsoft | 1 Visual Studio Code | 2025-08-28 | 7.8 High |
| Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability | ||||
| CVE-2020-17142 | 1 Microsoft | 1 Exchange Server | 2025-08-28 | 9.1 Critical |
| Microsoft Exchange Remote Code Execution Vulnerability | ||||
| CVE-2020-17141 | 1 Microsoft | 1 Exchange Server | 2025-08-28 | 8.4 High |
| Microsoft Exchange Remote Code Execution Vulnerability | ||||
| CVE-2020-17132 | 1 Microsoft | 1 Exchange Server | 2025-08-28 | 9.1 Critical |
| Microsoft Exchange Remote Code Execution Vulnerability | ||||
| CVE-2020-17129 | 1 Microsoft | 9 365 Apps, Excel, Excel 2013 and 6 more | 2025-08-28 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2020-17128 | 1 Microsoft | 10 365 Apps, Excel, Excel 2013 and 7 more | 2025-08-28 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2020-17127 | 1 Microsoft | 1 Excel | 2025-08-28 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2020-17125 | 1 Microsoft | 9 365 Apps, Excel, Excel 2013 and 6 more | 2025-08-28 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2020-17124 | 1 Microsoft | 6 365 Apps, Office, Office 2019 and 3 more | 2025-08-28 | 7.8 High |
| Microsoft PowerPoint Remote Code Execution Vulnerability | ||||