| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The move_uploaded_file function in godomall5 does not perform an integrity check of extension or authority when user upload file. This vulnerability allows an attacker to execute an remote arbitrary code. |
| An arbitrary file download and execution vulnerability was found in the HShell.dll of handysoft Co., Ltd groupware ActiveX module. This issue is due to missing support for integrity check of download URL or downloaded file hash. |
| An Improper input validation in execDefaultBrowser method of NEXACRO17 allows a remote attacker to execute arbitrary command on affected systems. |
| A vulnerability in PKI Security Solution of Dream Security could allow arbitrary command execution. This vulnerability is due to insufficient validation of the authorization certificate. An attacker could exploit this vulnerability by sending a crafted HTTP request an affected program. A successful exploit could allow the attacker to remotely execute arbitrary code on a target system. |
| An improper input validation vulnerability in the service of ezPDFReader allows attacker to execute arbitrary command. This issue occurred when the ezPDF launcher received and executed crafted input values through JSON-RPC communication. |
| A heap overflow issue was found in ARK library of bandisoft Co., Ltd when the Ark_DigPathA function parsed a file path. This vulnerability is due to missing support for string length check. |
| A security vulnerability in HPE IceWall SSO Domain Gateway Option (Dgfw) module version 10.0 on RHEL 5/6/7, version 10.0 on HP-UX 11i v3, version 10.0 on Windows and 11.0 on Windows could be exploited remotely to allow cross-site scripting (XSS). |
| In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges. |
| Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability |
| Windows HTTP.sys Elevation of Privilege Vulnerability |
| Storage Spaces Controller Elevation of Privilege Vulnerability |
| Windows Scripting Engine Memory Corruption Vulnerability |
| Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability |
| Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability |
| Windows Recovery Environment Agent Elevation of Privilege Vulnerability |
| Windows User Account Profile Picture Elevation of Privilege Vulnerability |
| Windows Event Tracing Elevation of Privilege Vulnerability |
| Windows TCP/IP Remote Code Execution Vulnerability |
| Scripting Engine Memory Corruption Vulnerability |
| Windows Overlay Filter Information Disclosure Vulnerability |
