A high privileged remote attacker can execute arbitrary OS commands using an undocumented method allowing to escape the implemented LUA sandbox.
An improper access control vulnerability allows low-privileged users to execute code with Administrator privileges remotely.
Microsoft SharePoint Server Remote Code Execution Vulnerability
A remote unauthenticated attacker may be able to bypass authentication
by utilizing a specific API route to execute arbitrary OS commands.
An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the child_process module
An issue in Weaver E-cology v. attackers construct special requests to insert remote malicious code and to trigger malicious code execution, and control server privileges
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
An issue in Arris NVG443B 9.3.0h3d36 allows a physically proximate attacker to execute arbitrary code via the cshell login component.
Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft SharePoint Server Remote Code Execution Vulnerability
This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.
A malicious user with administrative privileges in the web portal would be able to manipulate the Diagnostics module to obtain remote code execution on the local device as a low privileged user.
Microsoft SharePoint Server Remote Code Execution Vulnerability
A remote code execution issue exists in HPE OneView.
An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of improper sanitizing of user input in the Main Web Interface (endpoint event_mail
Due to missing input validation during one step of the firmware update process, the product
is vulnerable to remote code execution. With network access and the user level ”Service”, an attacker
can ex
perl2exe <= V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts. Attackers can control the 0th argument of packed executab
CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited co
An issue in H3C Device R365V300R004 allows a remote attacker to execute arbitrary code via the default password. NOTE: the Supplier's position is that their "product lines enforce or clearly prompt us
CWE-250: Execution with Unnecessary Privileges