Improper Control of Generation of Code ('Code Injection')
CWE-94

CVE IDCVSSVendorExploitPatchTrends
CVE-2024-32030Kafka UI is an Open-Source Web UI for Apache Kafka Management. Kafka UI API allows users to connect to different Kafka brokers by specifying their network address and port. As a separate feature, it also provides the ability to monitor the performance of Kafka brokers by connecting to their JMX ports. JMX is based on the RMI protocol, so it is inherently susceptible to deserialization attacks. A potential attacker can exploit this feature by connecting Kafka UI backend to its own malicious broker. This vulnerability affects the deployments where one of the following occurs: 1. dynamic.config.enabled property is set in settings. It's not enabled by default, but it's suggested to be enabled in many tutorials for Kafka UI, including its own README.md. OR 2. an attacker has access to the Kafka cluster that is being connected to Kafka UI. In this scenario the attacker can exploit this vulnerability to expand their access and execute code on Kafka UI as well. Instead of setting up a legitimate JMX port, an attacker can create an RMI listener that returns a malicious serialized object for any RMI call. In the worst case it could lead to remote code execution as Kafka UI has the required gadget chains in its classpath. This issue may lead to post-auth remote code execution. This is particularly dangerous as Kafka-UI does not have authentication enabled by default. This issue has been addressed in version 0.7.2. All users are advised to upgrade. There are no known workarounds for this vulnerability. These issues were discovered and reported by the GitHub Security lab and is also tracked as GHSL-2023-230.
CVSS 8.1Apache

Exploit

-

Trending graph for this CVE
CVE-2024-31974The com.solarized.firedown (aka Solarized FireDown Browser & Downloader) application 1.0.76 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. com.solarized.firedown.IntentActivity uses a WebView component to display web content and doesn't adequately sanitize the URI or any extra data passed in the intent by any installed application (with no permissions).
CVSS 6.3

Exploit

-

Trending graph for this CVE
CVE-2024-31864Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Zeppelin. The attacker can inject sensitive configuration or malicious code when connecting MySQL database via JDBC driver. This issue affects Apache Zeppelin: before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes the issue.
CVSS 9.8Apache

-

-

Trending graph for this CVE
CVE-2024-31861Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Zeppelin. The attackers can use Shell interpreter as a code generation gateway, and execute the generated code as a normal way. This issue affects Apache Zeppelin: from 0.10.1 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which doesn't have Shell interpreter by default.
CVSS HIGHApache

-

-

Trending graph for this CVE
CVE-2024-31823An issue in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the removeSecondaryImage method of the Publish.php component.
CVSS 8.8Ecommerce-codeigniter-bootstrap project

-

-

Trending graph for this CVE
CVE-2024-31822An issue in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the saveLanguageFiles method of the Languages.php component.
CVSS 9.8Ecommerce-codeigniter-bootstrap project

-

-

Trending graph for this CVE
CVE-2024-31819An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.
CVSS 9.8Wwbn

Exploit

-

Trending graph for this CVE
CVE-2024-31807TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the hostTime parameter in the NTPSyncWithHost function.
CVSS 9.8Totolink

-

-

Trending graph for this CVE
CVE-2024-31648Cross Site Scripting (XSS) in Insurance Management System v1.0, allows remote attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter at /core/new_category2.
CVSS 6.1

-

-

Trending graph for this CVE
CVE-2024-31621An issue in FlowiseAI Inc Flowise v.1.6.2 and before allows a remote attacker to execute arbitrary code via a crafted script to the api/v1 component.
CVSS 7.6Flowiseai

-

-

Trending graph for this CVE
CVE-2024-31396Code injection vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12 and Ver.3.0.x series versions prior to Ver.3.0.32. If this vulnerability is exploited, a user with an administrator or higher privilege who can log in to the product may execute an arbitrary command on the server.
CVSS 6.6Appleple

-

-

Trending graph for this CVE
CVE-2024-31390Improper Control of Generation of Code ('Code Injection') vulnerability in Soflyy Breakdance allows Code Injection.This issue affects Breakdance: from n/a through 1.7.0.
CVSS 9.9Breakdance, et al

-

-

Trending graph for this CVE
CVE-2024-31380Improper Control of Generation of Code ('Code Injection') vulnerability in Soflyy Oxygen Builder allows Code Injection.This issue affects Oxygen Builder: from n/a through 4.8.1.
CVSS 9.9Soflyy

-

-

Trending graph for this CVE
CVE-2024-31266Improper Control of Generation of Code ('Code Injection') vulnerability in AlgolPlus Advanced Order Export For WooCommerce allows Code Injection.This issue affects Advanced Order Export For WooCommerce: from n/a through 3.4.4.
CVSS 9.1Algolplus

-

-

Trending graph for this CVE
CVE-2024-3121A remote code execution vulnerability exists in the create_conda_env function of the parisneo/lollms repository, version 5.9.0. The vulnerability arises from the use of shell=True in the subprocess.Popen function, which allows an attacker to inject arbitrary commands by manipulating the env_name and python_version parameters. This issue could lead to a serious security breach as demonstrated by the ability to execute the 'whoami' command among potentially other harmful commands.
CVSS 3.3Lollms

Exploit

Patched

Trending graph for this CVE
CVE-2024-31032An issue in Huashi Private Cloud CDN Live Streaming Acceleration Server hgateway-sixport v.1.1.2 allows a remote attacker to execute arbitrary code via the manager/ipping.php component.
CVSS 9.8

-

-

Trending graph for this CVE
CVE-2024-31022An issue was discovered in CandyCMS version 1.0.0, allows remote attackers to execute arbitrary code via the install.php component.
CVSS 9.8

-

-

Trending graph for this CVE
CVE-2024-31013Cross Site Scripting (XSS) vulnerability in emlog version Pro 2.3, allow remote attackers to execute arbitrary code via a crafted payload to the bottom of the homepage in footer_info parameter.
CVSS 6.1Emlog

-

-

Trending graph for this CVE
CVE-2024-31011Arbitrary file write vulnerability in beescms v.4.0, allows a remote attacker to execute arbitrary code via a file path that was not isolated and the suffix was not verified in admin_template.php.
CVSS 9.8Beescms

-

-

Trending graph for this CVE
CVE-2024-31003Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4_MemoryByteStream::WritePartial at Ap4ByteStream.cpp.
CVSS LowAxiosys

-

-

Trending graph for this CVE
CVE-2024-3098A vulnerability was identified in the `exec_utils` class of the `llama_index` package, specifically within the `safe_eval` function, allowing for prompt injection leading to arbitrary code execution. This issue arises due to insufficient validation of input, which can be exploited to bypass method restrictions and execute unauthorized code. The vulnerability is a bypass of the previously addressed CVE-2023-39662, demonstrated through a proof of concept that creates a file on the system by exploiting the flaw.
CVSS Low

-

Patched

Trending graph for this CVE
CVE-2024-30973An issue in V-SOL G/EPON ONU HG323AC-B with firmware version V2.0.08-210715 allows an attacker to execute arbtirary code and obtain sensitive information via crafted POST request to /boaform/getASPdata/formFirewall, /boaform/getASPdata/formAcc.
CVSS 8.8

Exploit

-

Trending graph for this CVE
CVE-2024-30923SQL Injection vulnerability in DerbyNet v9.0 and below allows a remote attacker to execute arbitrary code via the where Clause in Racer Document Rendering
CVSS 9.8

-

-

Trending graph for this CVE
CVE-2024-30878A cross-site scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the upload_drive parameter.
CVSS 6.1

-

-

Trending graph for this CVE
CVE-2024-30868netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/add_getlogin.php.
CVSS 9.8Netentsec

-

-

Trending graph for this CVE
CVE-2024-30858netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_fire_wall.php.
CVSS 9.8Netentsec

-

-

Trending graph for this CVE
CVE-2024-30845Cross Site Scripting vulnerability in Rainbow external link network disk v.5.5 allows a remote attacker to execute arbitrary code via the validation component of the input parameters.
CVSS 6.1

-

-

Trending graph for this CVE
CVE-2024-30568Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the c4-IPAddr parameter.
CVSS 9.8Netgear

-

-

Trending graph for this CVE
CVE-2024-30567An issue in JNT Telecom JNT Liftcom UMS V1.J Core Version JM-V15 allows a remote attacker to execute arbitrary code via the Network Troubleshooting functionality.
CVSS 6.3

-

-

Trending graph for this CVE
CVE-2024-30565An issue was discovered in SeaCMS version 12.9, allows remote attackers to execute arbitrary code via admin notify.php.
CVSS 8.8Seacms

-

-

Trending graph for this CVE
CVE-2024-3044Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted.
CVSS 6.5Libreoffice

-

Patched

Trending graph for this CVE
CVE-2024-30202In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23.
CVSS 7.8Gnu

-

Patched

Trending graph for this CVE
CVE-2024-29991This vulnerability allows remote attackers to bypass the Mark-Of-The-Web security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<br/>The specific flaw exists within the handling of .MHT files. The issue results from the lack of a security check on .MHT files located in shared folders. An attacker can leverage this vulnerability to execute code in the context of the current user.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29991">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29991</a> <br/></td>
CVSS 5Microsoft

Exploit

Patched

Trending graph for this CVE
CVE-2024-29944This vulnerability allows remote attackers to escape the sandbox on affected installations of Mozilla Firefox. An attacker must first obtain the ability to execute low-privileged code in the renderer process in order to exploit this vulnerability.<br/>The specific flaw exists within the SessionStore component. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to escape the sandbox and execute arbitrary code in the context of the current user at medium integrity.<br/> Mozilla has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://www.mozilla.org/en-US/security/advisories/mfsa2024-15/#CVE-2024-29944">https://www.mozilla.org/en-US/security/advisories/mfsa2024-15/#CVE-2024-29944</a> <br/></td>
CVSS 8.4Mozilla

Exploit

Patched

Trending graph for this CVE
CVE-2024-29513An issue in briscKernelDriver.sys in BlueRiSC WindowsSCOPE Cyber Forensics before 3.3 allows a local attacker to execute arbitrary code within the driver and create a local denial-of-service condition due to an improper DACL being applied to the device the driver creates.
CVSS 7.8

-

-

Trending graph for this CVE
CVE-2024-29500An issue in the kiosk mode of Secure Lockdown Multi Application Edition v2.00.219 allows attackers to execute arbitrary code via running a ClickOnce application instance.
CVSS 9.8

-

-

Trending graph for this CVE
CVE-2024-29477Lack of sanitization during Installation Process in Dolibarr ERP CRM up to version 19.0.0 allows an attacker with adjacent access to the network to execute arbitrary code via a specifically crafted input.
CVSS LowDolibarr

-

Patched

Trending graph for this CVE
CVE-2024-29399An issue was discovered in GNU Savane v.3.13 and before, allows a remote attacker to execute arbitrary code and escalate privileges via a crafted file to the upload.php component.
CVSS 7.6

Exploit

-

Trending graph for this CVE
CVE-2024-29309An issue in Alfresco Content Services v.23.3.0.7 allows a remote attacker to execute arbitrary code via the Transfer Service.
CVSS 7.7Alfresco

-

-

Trending graph for this CVE
CVE-2024-29276An issue was discovered in seeyonOA version 8, allows remote attackers to execute arbitrary code via the importProcess method in WorkFlowDesignerController.class component.
CVSS 9.8

-

-

Trending graph for this CVE
CVE-2024-29209A medium severity vulnerability has been identified in the update mechanism of the Phish Alert Button for Outlook, which could allow an attacker to remotely execute arbitrary code on the host machine. The vulnerability arises from the application's failure to securely verify the authenticity and integrity of the update server. The application periodically checks for updates by querying a specific URL. However, this process does not enforce strict SSL/TLS verification, nor does it validate the digital signature of the received update files. An attacker with the capability to perform DNS spoofing can exploit this weakness. By manipulating DNS responses, the attacker can redirect the application's update requests to a malicious server under their control. Once the application queries the spoofed update URL, the malicious server can respond with a crafted update package. Since the application fails to properly verify the authenticity of the update file, it will accept and execute the package, leading to arbitrary code execution on the host machine. Impact: Successful exploitation of this vulnerability allows an attacker to execute code with elevated privileges, potentially leading to data theft, installation of further malware, or other malicious activities on the host system. Affected Products: Phish Alert Button (PAB) for Outlook versions 1.10.0-1.10.11 Second Chance Client versions 2.0.0-2.0.9 PIQ Client versions 1.0.0-1.0.15 Remediation: Automated updates will be pushed to address this issue. Users of affected versions should verify the latest version is applied and, if not, apply the latest updates provided by KnowBe4, which addresses this vulnerability by implementing proper SSL/TLS checks of the update server. It is also recommended to ensure DNS settings are secure to prevent DNS spoofing attacks. Workarounds: Use secure corporate networks or VPN services to secure network communications, which can help mitigate the risk of DNS spoofing. Credits: This vulnerability was discovered by Ceri Coburn at Pen Test Partners, who reported it responsibly to the vendor.
CVSS LowBitdefender

-

-

Trending graph for this CVE
CVE-2024-29202JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can exploit a Jinja2 template injection vulnerability in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with root privileges and has database access, attackers could steal sensitive information from all hosts or manipulate the database. This vulnerability is fixed in v3.10.7.
CVSS 9.9Fit2cloud

-

-

Trending graph for this CVE
CVE-2024-29201JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can bypass the input validation mechanism in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with root privileges and has database access, attackers could steal sensitive information from all hosts or manipulate the database. This vulnerability is fixed in v3.10.7.
CVSS 9.9Fit2cloud

-

-

Trending graph for this CVE
CVE-2024-29178On versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server, The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability. Mitigation: all users should upgrade to 2.1.4
CVSS 8.8Apache

-

Patched

Trending graph for this CVE
CVE-2024-29014Vulnerability in SonicWall NetExtender Windows (32 and 64-bit) client 10.2.339 and earlier versions allows an attacker to arbitrary code execution when processing an EPC Client update.
CVSS 8.8Sonicwall

-

Patched

Trending graph for this CVE
CVE-2024-28886OS command injection vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product opens a crafted UTAU project file (.ust file), an arbitrary OS command may be executed.
CVSS 8.4

-

-

Trending graph for this CVE
CVE-2024-28848OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The `‎CompiledRule::validateExpression` method evaluates an SpEL expression using an `StandardEvaluationContext`, allowing the expression to reach and interact with Java classes such as `java.lang.Runtime`, leading to Remote Code Execution. The `/api/v1/policies/validation/condition/<expression>` endpoint passes user-controlled data `CompiledRule::validateExpession` allowing authenticated (non-admin) users to execute arbitrary system commands on the underlaying operating system. In addition, there is a missing authorization check since `Authorizer.authorize()` is never called in the affected path and therefore any authenticated non-admin user is able to trigger this endpoint and evaluate arbitrary SpEL expressions leading to arbitrary command execution. This vulnerability was discovered with the help of CodeQL's Expression language injection (Spring) query and is also tracked as `GHSL-2023-236`. This issue may lead to Remote Code Execution and has been resolved in version 1.2.4. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS 8.8Microsoft

Exploit

Patched

Trending graph for this CVE
CVE-2024-28847OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. Similarly to the GHSL-2023-250 issue, `AlertUtil::validateExpression` is also called from `EventSubscriptionRepository.prepare()`, which can lead to Remote Code Execution. `prepare()` is called from `EntityRepository.prepareInternal()` which, in turn, gets called from `EntityResource.createOrUpdate()`. Note that, even though there is an authorization check (`authorizer.authorize()`), it gets called after `prepareInternal()` gets called and, therefore, after the SpEL expression has been evaluated. In order to reach this method, an attacker can send a PUT request to `/api/v1/events/subscriptions` which gets handled by `EventSubscriptionResource.createOrUpdateEventSubscription()`. This vulnerability was discovered with the help of CodeQL's Expression language injection (Spring) query. This issue may lead to Remote Code Execution and has been addressed in version 1.2.4. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as `GHSL-2023-251`.
CVSS 8.8Microsoft

Exploit

Patched

Trending graph for this CVE
CVE-2024-28699A buffer overflow vulnerability in pdf2json v0.70 allows a local attacker to execute arbitrary code via the GString::copy() and ImgOutputDev::ImgOutputDev function.
CVSS 7.8Flowpaper

-

-

Trending graph for this CVE
CVE-2024-28593The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance degradation. NOTE: the vendor's Using_Chat page says "If you know some HTML code, you can use it in your text to do things like insert images, play sounds or create different coloured and sized text." This page also says "Chat is due to be removed from standard Moodle."
CVSS 5.4Moodle

-

Patched

Trending graph for this CVE
CVE-2024-28424zenml v0.55.4 was discovered to contain an arbitrary file upload vulnerability in the load function at /materializers/cloudpickle_materializer.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted file.
CVSS 8.8Zenml

-

-

Trending graph for this CVE
CVE-2024-28397An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call.
CVSS 5.3Pyload-ng project, et al

Exploit

Patched

Trending graph for this CVE
CVE-2024-28396An issue in MyPrestaModules ordersexport v.6.0.2 and before allows a remote attacker to execute arbitrary code via the download.php component.
CVSS 7.5Myprestamodules

-

-

Trending graph for this CVE
CVE-2024-28386An issue in Home-Made.io fastmagsync v.1.7.51 and before allows a remote attacker to execute arbitrary code via the getPhpBin() component.
CVSS 9.8

-

-

Trending graph for this CVE
CVE-2024-28253OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. `CompiledRule::validateExpression` is also called from `PolicyRepository.prepare`. `prepare()` is called from `EntityRepository.prepareInternal()` which, in turn, gets called from `EntityResource.createOrUpdate()`. Note that even though there is an authorization check (`authorizer.authorize()`), it gets called after `prepareInternal()` gets called and therefore after the SpEL expression has been evaluated. In order to reach this method, an attacker can send a PUT request to `/api/v1/policies` which gets handled by `PolicyResource.createOrUpdate()`. This vulnerability was discovered with the help of CodeQL's Expression language injection (Spring) query and is also tracked as `GHSL-2023-252`. This issue may lead to Remote Code Execution and has been addressed in version 1.3.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS 9.4Microsoft

Exploit

Patched

Trending graph for this CVE
CVE-2024-28119Grav is an open-source, flat-file content management system. Prior to version 1.7.45, due to the unrestricted access to twig extension class from grav context, an attacker can redefine the escape function and execute arbitrary commands. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this behavior can be used to gain arbitrary code execution and elevate privileges on the instance. Version 1.7.45 contains a patch for this issue.
CVSS 8.8Getgrav

-

Patched

Trending graph for this CVE
CVE-2024-28118Grav is an open-source, flat-file content management system. Prior to version 1.7.45, due to the unrestricted access to twig extension class from Grav context, an attacker can redefine config variable. As a result, attacker can bypass a previous SSTI mitigation. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this behavior can be used to gain arbitrary code execution and elevate privileges on the instance. Version 1.7.45 contains a fix for this issue.
CVSS 8.8Getgrav

-

Patched

Trending graph for this CVE
CVE-2024-28117Grav is an open-source, flat-file content management system. Prior to version 1.7.45, Grav validates accessible functions through the Utils::isDangerousFunction function, but does not impose restrictions on twig functions like twig_array_map, allowing attackers to bypass the validation and execute arbitrary commands. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this behavior can be used to gain arbitrary code execution and elevate privileges on the instance. Upgrading to patched version 1.7.45 can mitigate this issue.
CVSS 8.8Getgrav

-

Patched

Trending graph for this CVE
CVE-2024-28116Grav is an open-source, flat-file content management system. Grav CMS prior to version 1.7.45 is vulnerable to a Server-Side Template Injection (SSTI), which allows any authenticated user (editor permissions are sufficient) to execute arbitrary code on the remote server bypassing the existing security sandbox. Version 1.7.45 contains a patch for this issue.
CVSS 8.8Getgrav

Exploit

Patched

Trending graph for this CVE
CVE-2024-27857This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the Metal framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation.<br/>The specific flaw exists within the AMDRadeonX6000MTLDriver. Crafted data in a KTX file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.<br/> Apple has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://support.apple.com/en-ca/HT214108">https://support.apple.com/en-ca/HT214108</a> <br/></td>
CVSS 7.8Apple

Exploit

Patched

Trending graph for this CVE
CVE-2024-27766An issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the lib_mysqludf_sys.so function. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.
CVSS 5.7Mariadb

-

Patched

Trending graph for this CVE
CVE-2024-27756An issue in GLPI v.10.0.12 and before allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the title field.
CVSS 8.8Glpi-project

-

-

Trending graph for this CVE
CVE-2024-27705Cross Site Scripting vulnerability in Leantime v3.0.6 allows attackers to execute arbitrary code via upload of crafted PDF file to the files/browse endpoint.
CVSS 7.6Leantime

-

-

Trending graph for this CVE
CVE-2024-27627A reflected cross-site scripting (XSS) vulnerability exists in SuperCali version 1.1.0, allowing remote attackers to execute arbitrary JavaScript code via the email parameter in the bad_password.php page.
CVSS 6.1

-

-

Trending graph for this CVE
CVE-2024-27622A remote code execution vulnerability has been identified in the User Defined Tags module of CMS Made Simple version 2.2.19. This vulnerability arises from inadequate sanitization of user-supplied input in the 'Code' section of the module. As a result, authenticated users with administrative privileges can inject and execute arbitrary PHP code.
CVSS 7.2Cmsmadesimple

-

-

Trending graph for this CVE
CVE-2024-27476Leantime 3.0.6 is vulnerable to HTML Injection via /dashboard/show#/tickets/newTicket.
CVSS 4.7Leantime

-

-

Trending graph for this CVE
CVE-2024-27191Improper Control of Generation of Code ('Code Injection') vulnerability in Inpersttion Slivery Extender allows Code Injection.This issue affects Slivery Extender: from n/a through 1.0.2.
CVSS 8.5

Exploit

-

Trending graph for this CVE
CVE-2024-26483An arbitrary file upload vulnerability in the Profile Image module of Kirby CMS v4.1.0 allows attackers to execute arbitrary code via a crafted PDF file.
CVSS 8.8Getkirby

-

-

Trending graph for this CVE
CVE-2024-26362HTML injection vulnerability in Enpass Password Manager Desktop Client 6.9.2 for Windows and Linux allows attackers to run arbitrary HTML code via creation of crafted note.
CVSS 8.8Linux

-

-

Trending graph for this CVE
CVE-2024-2610Using a markup injection an attacker could have stolen nonce values. This could have been used to bypass strict content security policies. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
CVSS 6.1Mozilla

-

Patched

Trending graph for this CVE
CVE-2024-25713yyjson through 0.8.0 has a double free, leading to remote code execution in some cases, because the pool_free function lacks loop checks. (pool_free is part of the pool series allocator, along with pool_malloc and pool_realloc.)
CVSS 8.6

-

-

Trending graph for this CVE
CVE-2024-25706There is an HTML injection vulnerability in Esri Portal for ArcGIS <=11.0 that may allow a remote, unauthenticated attacker to craft a URL which, when clicked, could potentially generate a message that may entice an unsuspecting victim to visit an arbitrary website. This could simplify phishing attacks.
CVSS 6.1Esri

-

-

Trending graph for this CVE
CVE-2024-25600Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6.
CVSS 10Bricksbuilder

Exploit

-

Trending graph for this CVE
CVE-2024-25502Directory Traversal vulnerability in flusity CMS v.2.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via the download_backup.php component.
CVSS 9.8Flusity

-

-

Trending graph for this CVE
CVE-2024-25415A remote code execution (RCE) vulnerability in /admin/define_language.php of CE Phoenix v1.0.8.20 allows attackers to execute arbitrary PHP code via injecting a crafted payload into the file english.php.
CVSS 7.2Oscommerce

-

-

Trending graph for this CVE
CVE-2024-25376An issue discovered in Thesycon Software Solutions Gmbh & Co. KG TUSBAudio MSI-based installers before 5.68.0 allows a local attacker to execute arbitrary code via the msiexec.exe repair mode.
CVSS 7.8

Exploit

-

Trending graph for this CVE
CVE-2024-25359An issue in zuoxingdong lagom v.0.1.2 allows a local attacker to execute arbitrary code via the pickle_load function of the serialize.py file.
CVSS 6.6

-

-

Trending graph for this CVE
CVE-2024-25350SQL Injection vulnerability in /zms/admin/edit-ticket.php in PHPGurukul Zoo Management System 1.0 via tickettype and tprice parameters.
CVSS 9.8Phpgurukul

-

-

Trending graph for this CVE
CVE-2024-25301Redaxo v5.15.1 was discovered to contain a remote code execution (RCE) vulnerability via the component /pages/templates.php.
CVSS 7.2Redaxo

Exploit

-

Trending graph for this CVE
CVE-2024-25298An issue was discovered in REDAXO version 5.15.1, allows attackers to execute arbitrary code and obtain sensitive information via modules.modules.php.
CVSS 7.2Redaxo

Exploit

Patched

Trending graph for this CVE
CVE-2024-25293mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution (RCE) via the href attribute.
CVSS 9.3Mjml

Exploit

-

Trending graph for this CVE
CVE-2024-25291Deskfiler v1.2.3 allows attackers to execute arbitrary code via uploading a crafted plugin.
CVSS 9.8

Exploit

-

Trending graph for this CVE
CVE-2024-25202Cross Site Scripting vulnerability in Phpgurukul User Registration & Login and User Management System 1.0 allows attackers to run arbitrary code via the search bar.
CVSS 6.1Phpgurukul

Exploit

-

Trending graph for this CVE
CVE-2024-25180An issue discovered in pdfmake 0.2.9 allows remote attackers to run arbitrary code via crafted POST request to the /pdf endpoint. NOTE: this is disputed because the behavior of the /pdf endpoint is intentional. The /pdf endpoint is only available after installing a test framework (that lives outside of the pdfmake applicaton). Anyone installing this is responsible for ensuring that it is only available to authorized testers.
CVSS 9.8Pdfmake project

-

-

Trending graph for this CVE
CVE-2024-25110The UAMQP is a general purpose C library for AMQP 1.0. During a call to open_get_offered_capabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a remote code execution. Users are advised to update the submodule with commit `30865c9c`. There are no known workarounds for this vulnerability.
CVSS 8.1Tenable, et al

-

Patched

Trending graph for this CVE
CVE-2024-25096Improper Control of Generation of Code ('Code Injection') vulnerability in Canto Inc. Canto allows Code Injection.This issue affects Canto: from n/a through 3.0.7.
CVSS 10

-

-

Trending graph for this CVE
CVE-2024-25089Malwarebytes Binisoft Windows Firewall Control before 6.9.9.2 allows remote attackers to execute arbitrary code via gRPC named pipes.
CVSS 9.8Malwarebytes

-

-

Trending graph for this CVE
CVE-2024-25086Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute arbitrary code.
CVSS 7.8Mitsubishielectric, et al

-

-

Trending graph for this CVE
CVE-2024-25077An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The Nonce used for on-the-fly decryption of flash images is stored in an unsigned header, allowing its value to be modified without invalidating the signature used for secureboot image verification. Because the encryption engine for on-the-fly decryption uses AES in CTR mode without authentication, an attacker-modified Nonce can result in execution of arbitrary code.
CVSS 9.8Renesas

-

-

Trending graph for this CVE
CVE-2024-2497A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256919. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 4.7Raspap

-

-

Trending graph for this CVE
CVE-2024-24707Improper Control of Generation of Code ('Code Injection') vulnerability in Cwicly Builder, SL. Cwicly allows Code Injection.This issue affects Cwicly: from n/a through 1.4.0.2.
CVSS 9.9

-

-

Trending graph for this CVE
CVE-2024-24525An issue in EpointWebBuilder 5.1.0-sp1, 5.2.1-sp1, 5.4.1 and 5.4.2 allows a remote attacker to execute arbitrary code via the infoid parameter of the URL.
CVSS 9.8

-

-

Trending graph for this CVE
CVE-2024-24520An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place.
CVSS 7.8Lepton-cms

Exploit

-

Trending graph for this CVE
CVE-2024-24486An issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to edit device settings via the SAVE EEP_DATA command.
CVSS 9.1Silextechnology

-

-

Trending graph for this CVE
CVE-2024-24469Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the delete_post .php.
CVSS 8.8Flusity

Exploit

-

Trending graph for this CVE
CVE-2024-24396Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the search bar component.
CVSS 6.1Stimulsoft

Exploit

Patched

Trending graph for this CVE
CVE-2024-24294A Prototype Pollution issue in Blackprint @blackprint/engine v.0.9.0 allows an attacker to execute arbitrary code via the _utils.setDeepProperty function of engine.min.js.
CVSS 9.8

-

Patched

Trending graph for this CVE
CVE-2024-24278An issue in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the message function.
CVSS 7.5Teamwire

-

-

Trending graph for this CVE
CVE-2024-24091Yealink Meeting Server before v26.0.0.66 was discovered to contain an OS command injection vulnerability via the file upload interface.
CVSS 9.8Yealink

-

Patched

Trending graph for this CVE
CVE-2024-23755ClickUp Desktop before 3.3.77 on macOS and Windows allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode.
CVSS 8.8

-

-

Trending graph for this CVE