Export limit exceeded: 10672 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (10672 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-1000062 1 Kitto Project 1 Kitto 2025-04-20 N/A
kittoframework kitto 0.5.1 is vulnerable to directory traversal in the router resulting in remote code execution
CVE-2017-1000081 1 Onosproject 1 Onos 2025-04-20 9.8 Critical
Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar) resulting in remote code execution.
CVE-2017-1000203 1 Cern 1 Root 2025-04-20 N/A
ROOT version 6.9.03 and below is vulnerable to an authenticated shell metacharacter injection in the rootd daemon resulting in remote code execution
CVE-2017-0674 1 Google 1 Android 2025-04-20 N/A
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34231163.
CVE-2017-1000228 1 Ejs 1 Ejs 2025-04-20 N/A
nodejs ejs versions older than 2.5.3 is vulnerable to remote code execution due to weak input validation in ejs.renderFile() function
CVE-2017-1000251 4 Debian, Linux, Nvidia and 1 more 17 Debian Linux, Linux Kernel, Jetson Tk1 and 14 more 2025-04-20 8.0 High
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.
CVE-2017-0673 1 Google 1 Android 2025-04-20 N/A
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33974623.
CVE-2017-0671 1 Google 1 Android 2025-04-20 N/A
A remote code execution vulnerability in the Android libraries. Product: Android. Versions: 4.4.4. Android ID: A-34514762.
CVE-2017-10686 2 Canonical, Nasm 2 Ubuntu Linux, Netwide Assembler 2025-04-20 N/A
In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is allocated in the token() function and freed in the detoken() function (called by pp_getline()) - it is used again at multiple positions later that could cause multiple damages. For example, it causes a corrupted double-linked list in detoken(), a double free or corruption in delete_Token(), and an out-of-bounds write in detoken(). It has a high possibility to lead to a remote code execution attack.
CVE-2017-11495 1 Phicomm 2 K2\(psg1218\), K2\(psg1218\)-firmware 2025-04-20 N/A
PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticated remote code execution via a request to an unspecified ASP script; alternatively, the attacker can leverage unauthenticated access to this script to trigger a reboot via an ifType=reboot action.
CVE-2017-11762 1 Microsoft 7 Windows 10, Windows 7, Windows 8.1 and 4 more 2025-04-20 N/A
The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-11763.
CVE-2017-11763 1 Microsoft 7 Windows 10, Windows 7, Windows 8.1 and 4 more 2025-04-20 N/A
The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-11763.
CVE-2017-11769 1 Microsoft 2 Windows 10, Windows Server 2016 2025-04-20 N/A
The Microsoft Windows TRIE component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles loading dll files, aka "TRIE Remote Code Execution Vulnerability".
CVE-2016-10402 1 Avira 1 Antivirus 2025-04-20 7.8 High
Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\SYSTEM via a section header with a very large relative virtual address in a PE file, causing an integer overflow and heap-based buffer underflow.
CVE-2016-10176 1 Netgear 2 Wnr2000v5, Wnr2000v5 Firmware 2025-04-20 N/A
The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the web server of the device. This special URL is handled by the embedded web server (uhttpd) and processed accordingly. The web server also contains another URL, apply_noauth.cgi, that allows an unauthenticated user to perform sensitive actions on the device. This functionality can be exploited to change the router settings (such as the answers to the password-recovery questions) and achieve remote code execution.
CVE-2015-2868 1 Trane 1 Comfortlink Ii Firmware 2025-04-20 N/A
An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting in arbitrary code execution.
CVE-2007-5341 1 Mozilla 1 Firefox 2025-04-20 N/A
Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8.
CVE-2017-0677 1 Google 1 Android 2025-04-20 N/A
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36035074.
CVE-2017-6465 1 Ftpshell 1 Ftpshell Client 2025-04-20 N/A
Remote Code Execution was discovered in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP server it is connecting to; however, it doesn't check the response's length, leading to a buffer overflow situation.
CVE-2016-4335 1 Lexmark 1 Perceptive Document Filters 2025-04-20 N/A
An exploitable buffer overflow exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a stack based buffer overflow resulting in remote code execution.