Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: rce Clear
ID Title
CVE-2025-54236 KEV [KEV] Vulnerability in Adobe commerce (CVE-2025-54236)
vulnerability in Adobe commerce (CVE-2025-54236). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
CVE-2025-57567 Code Injection in CVE-2025-57567 (CVE-2025-57567)
code injection in CVE-2025-57567 (CVE-2025-57567). Successful exploitation can lead to full system takeover.
CVE-2025-60641 SQL Injection in sqli (CVE-2025-60641)
SQL injection in sqli (CVE-2025-60641). Risk of unauthorized operations or information disclosure.
CVE-2025-56588 Code Injection in dolibarr (CVE-2025-56588)
code injection in dolibarr (CVE-2025-56588). Successful exploitation can lead to full system takeover.
CVE-2025-56513 Vulnerability in nicehash (CVE-2025-56513)
vulnerability in nicehash (CVE-2025-56513). Successful exploitation can lead to full system takeover.
CVE-2020-36851 SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-36851)
SSRF in ssrf (CVE-2020-36851). Risk of unauthorized operations or information disclosure.
CVE-2025-57819 KEV [KEV] SQL Injection in Sangoma freepbx (CVE-2025-57819)
SQL injection in Sangoma freepbx (CVE-2025-57819). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2025-34162 SQL Injection in sqli (CVE-2025-34162)
SQL injection in sqli (CVE-2025-34162). Risk of unauthorized operations or information disclosure.
CVE-2025-34163 Unrestricted File Upload in CVE-2025-34163 (CVE-2025-34163)
vulnerability in CVE-2025-34163 (CVE-2025-34163). Risk of unauthorized operations or information disclosure.
CVE-2025-71344 Unsafe Deserialization in picklescan (CVE-2025-71344)
vulnerability in picklescan (CVE-2025-71344). Confidential information can be exposed externally. Mitigation: upgrade to `0.0.30` or later.
CVE-2025-71361 Vulnerability in picklescan (CVE-2025-71361)
vulnerability in picklescan (CVE-2025-71361). Confidential information can be exposed externally. Mitigation: upgrade to `0.0.29` or later.
CVE-2012-10060 Vulnerability in sysax (CVE-2012-10060)
vulnerability in sysax (CVE-2012-10060). Successful exploitation can lead to full system takeover.
CVE-2012-10047 SQL Injection in sqli (CVE-2012-10047)
SQL injection in sqli (CVE-2012-10047). Risk of unauthorized operations or information disclosure.
CVE-2025-51056 Unrestricted File Upload in vedo-suite-project (CVE-2025-51056)
vulnerability in vedo-suite-project (CVE-2025-51056). Confidential information can be exposed externally.
CVE-2012-10027 Unrestricted File Upload in wordpress (CVE-2012-10027)
vulnerability in wordpress (CVE-2012-10027). Risk of unauthorized operations or information disclosure. Exploitable via ``uploadify.php``.
CVE-2025-29534 OS Command Injection in CVE-2025-29534 (CVE-2025-29534)
OS command injection in CVE-2025-29534 (CVE-2025-29534). Successful exploitation can lead to full system takeover.
CVE-2025-53867 Island Lake WebBatch before 2025C allows Remote Code Execution via a crafted URL.
Island Lake WebBatch before 2025C allows Remote Code Execution via a crafted URL.
CVE-2025-2251 Unsafe Deserialization in deserialization (CVE-2025-2251)
vulnerability in deserialization (CVE-2025-2251). Data can be tampered with by attackers.
CVE-2025-25802 Command Injection in seacms (CVE-2025-25802)
command injection in seacms (CVE-2025-25802). Data can be tampered with by attackers.
CVE-2025-25813 Command Injection in seacms (CVE-2025-25813)
command injection in seacms (CVE-2025-25813). Data can be tampered with by attackers.
CVE-2025-25792 Command Injection in seacms (CVE-2025-25792)
command injection in seacms (CVE-2025-25792). Risk of unauthorized operations or information disclosure.
CVE-2025-25793 Command Injection in seacms (CVE-2025-25793)
command injection in seacms (CVE-2025-25793). Data can be tampered with by attackers.
CVE-2025-25794 Command Injection in seacms (CVE-2025-25794)
command injection in seacms (CVE-2025-25794). Data can be tampered with by attackers.
CVE-2025-25796 Command Injection in seacms (CVE-2025-25796)
command injection in seacms (CVE-2025-25796). Data can be tampered with by attackers.
CVE-2025-25797 Command Injection in seacms (CVE-2025-25797)
command injection in seacms (CVE-2025-25797). Data can be tampered with by attackers.
CVE-2025-25789 Code Injection in foxcms (CVE-2025-25789)
code injection in foxcms (CVE-2025-25789). Successful exploitation can lead to full system takeover.
CVE-2025-0624 Out-of-Bounds Write in CVE-2025-0624 (CVE-2025-0624)
out-of-bounds write in CVE-2025-0624 (CVE-2025-0624). Successful exploitation can lead to full system takeover.
CVE-2024-42911 Code Injection in CVE-2024-42911 (CVE-2024-42911)
code injection in CVE-2024-42911 (CVE-2024-42911). Confidential information can be exposed externally.
CVE-2025-21402 Microsoft Office OneNote Remote Code Execution Vulnerability
Microsoft Office OneNote Remote Code Execution Vulnerability
CVE-2025-21361 Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2025-21338 GDI+ Remote Code Execution Vulnerability
GDI+ Remote Code Execution Vulnerability
CVE-2024-9143 Out-of-Bounds Read in CVE-2024-9143 (CVE-2024-9143)
vulnerability in CVE-2024-9143 (CVE-2024-9143). Risk of unauthorized operations or information disclosure.
CVE-2023-31493 Code Injection in zoneminder (CVE-2023-31493)
code injection in zoneminder (CVE-2023-31493). Confidential information can be exposed externally.
CVE-2023-50780 Vulnerability in apache (CVE-2023-50780)
vulnerability in apache (CVE-2023-50780). Successful exploitation can lead to full system takeover.
CVE-2024-46084 Command Injection in scriptcase (CVE-2024-46084)
command injection in scriptcase (CVE-2024-46084). Successful exploitation can lead to full system takeover.
CVE-2024-38909 Vulnerability in std42 (CVE-2024-38909)
vulnerability in std42 (CVE-2024-38909). Successful exploitation can lead to full system takeover.
CVE-2024-30104 Microsoft Office Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-30101 Microsoft Office Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-30103 Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2024-3166 Cross-Site Scripting (XSS) in mintplexlabs (CVE-2024-3166)
cross-site scripting in mintplexlabs (CVE-2024-3166). Successful exploitation can lead to full system takeover.
CVE-2024-26257 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-20673 Microsoft Office Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-23054 Vulnerability in plone (CVE-2024-23054)
vulnerability in plone (CVE-2024-23054). Successful exploitation can lead to full system takeover.
CVE-2024-22899 Code Injection in vinchin (CVE-2024-22899)
code injection in vinchin (CVE-2024-22899). Successful exploitation can lead to full system takeover.
CVE-2024-22900 Command Injection in vinchin (CVE-2024-22900)
command injection in vinchin (CVE-2024-22900). Successful exploitation can lead to full system takeover.
CVE-2024-22903 Command Injection in vinchin (CVE-2024-22903)
command injection in vinchin (CVE-2024-22903). Successful exploitation can lead to full system takeover.
CVE-2024-23055 Vulnerability in plone (CVE-2024-23055)
vulnerability in plone (CVE-2024-23055). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
CVE-2023-40547 Out-of-Bounds Write in redhat (CVE-2023-40547)
out-of-bounds write in redhat (CVE-2023-40547). Successful exploitation can lead to full system takeover.
CVE-2023-50651 OS Command Injection in totolink (CVE-2023-50651)
OS command injection in totolink (CVE-2023-50651). Successful exploitation can lead to full system takeover.
CVE-2023-46987 Code Injection in seacms (CVE-2023-46987)
code injection in seacms (CVE-2023-46987). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →