Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-94
Total 2906 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-6576 1 Atlassian 1 Bamboo 2019-05-03 6.5 MEDIUM 8.8 HIGH
Bamboo 2.2 before 5.8.5 and 5.9.x before 5.9.7 allows remote attackers with access to the Bamboo web interface to execute arbitrary Java code via an unspecified resource.
CVE-2018-11228 1 Crestron 8 Crestron Toolbox Protocol Firmware, Dmc-str, Tsw-1060 and 5 more 2019-05-02 10.0 HIGH 9.8 CRITICAL
Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via a Bash shell service in Crestron Toolbox Protocol (CTP).
CVE-2018-5782 1 Mitel 2 Connect Onsite, St14.2 2019-04-26 10.0 HIGH 9.8 CRITICAL
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to inject PHP code using specially crafted requests to the vsethost.php page. Successful exploit could allow an attacker to execute arbitrary PHP code within the context of the application.
CVE-2019-11376 1 Brassica 1 Soy Cms 2019-04-22 6.5 MEDIUM 7.2 HIGH
** DISPUTED ** SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendor indicates that there was an assumption that the content is "made editable on its own."
CVE-2014-3560 3 Canonical, Redhat, Samba 3 Ubuntu Linux, Enterprise Linux, Samba 2019-04-22 7.9 HIGH N/A
NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h.
CVE-2018-19595 1 Pbootcms 1 Pbootcms 2019-04-17 7.5 HIGH 9.8 CRITICAL
PbootCMS V1.3.1 build 2018-11-14 allows remote attackers to execute arbitrary code via use of "eval" with mixed case, as demonstrated by an index.php/list/5/?current={pboot:if(evAl($_GET[a]))}1{/pboot:if}&a=phpinfo(); URI, because of an incorrect apps\home\controller\ParserController.php parserIfLabel protection mechanism.
CVE-2017-16871 1 Updraftplus 1 Updraftplus 2019-04-16 6.8 MEDIUM 8.1 HIGH
** DISPUTED ** The UpdraftPlus plugin through 1.13.12 for WordPress allows remote PHP code execution because the plupload_action function in /wp-content/plugins/updraftplus/admin.php has a race condition before deleting a file associated with the name parameter. NOTE: the vendor reports that this does not cross a privilege boundary.
CVE-2019-6713 1 Thinkcmf 1 Thinkcmf 2019-04-12 7.5 HIGH 9.8 CRITICAL
app\admin\controller\RouteController.php in ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code by using vectors involving portal/List/index and list/:id to inject this code into data\conf\route.php, as demonstrated by a file_put_contents call.
CVE-2019-10842 1 Getbootstrap 1 Bootstrap-sass 2019-04-11 10.0 HIGH 9.8 CRITICAL
Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. An unauthenticated attacker can craft the ___cfduid cookie value with base64 arbitrary code to be executed via eval(), which can be leveraged to execute arbitrary code on the target system. Note that there are three underscore characters in the cookie name. This is unrelated to the __cfduid cookie that is legitimately used by Cloudflare.
CVE-2019-10633 1 Zyxel 2 Nas326, Nas326 Firmware 2019-04-10 6.5 MEDIUM 8.8 HIGH
An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs.
CVE-2019-10684 1 74cms 1 74cms 2019-04-03 7.5 HIGH 9.8 CRITICAL
Application/Admin/Controller/ConfigController.class.php in 74cms v5.0.1 allows remote attackers to execute arbitrary PHP code via the index.php?m=Admin&c=config&a=edit site_domain parameter.
CVE-2017-18108 1 Atlassian 1 Crowd 2019-04-01 6.5 MEDIUM 7.2 HIGH
The administration SMTP configuration resource in Atlassian Crowd before version 2.10.2 allows remote attackers with administration rights to execute arbitrary code via a JNDI injection.
CVE-2014-0111 1 Apache 1 Syncope 2019-03-21 6.5 MEDIUM N/A
Apache Syncope 1.0.0 before 1.0.9 and 1.1.0 before 1.1.7 allows remote administrators to execute arbitrary Java code via vectors related to Apache Commons JEXL expressions, "derived schema definition," "user / role templates," and "account links of resource mappings."
CVE-2018-10517 1 Cmsmadesimple 1 Cms Made Simple 2019-03-15 6.5 MEDIUM 7.2 HIGH
In CMS Made Simple (CMSMS) through 2.2.7, the "module import" operation in the admin dashboard contains a remote code execution vulnerability, exploitable by an admin user, because an XML Package can contain base64-encoded PHP code in a data element.
CVE-2018-1260 1 Pivotal Software 1 Spring Security Oauth 2019-03-13 7.5 HIGH 9.8 CRITICAL
Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior to 2.2.2, 2.1 prior to 2.1.2, 2.0 prior to 2.0.15 and older unsupported versions contains a remote code execution vulnerability. A malicious user or attacker can craft an authorization request to the authorization endpoint that can lead to remote code execution when the resource owner is forwarded to the approval endpoint.
CVE-2018-5158 4 Canonical, Debian, Mozilla and 1 more 10 Ubuntu Linux, Debian Linux, Firefox and 7 more 2019-03-13 6.8 MEDIUM 8.8 HIGH
The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.
CVE-2017-10844 1 Basercms 1 Basercms 2019-03-12 6.5 MEDIUM 8.8 HIGH
baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows an attacker to execute arbitrary PHP code on the server via unspecified vectors.
CVE-2019-9651 1 Sdcms 1 Sdcms 2019-03-11 7.5 HIGH 9.8 CRITICAL
An issue was discovered in SDCMS V1.7. In the \app\admin\controller\themecontroller.php file, the check_bad() function's filtering is not strict, resulting in PHP code execution. This occurs because some dangerous PHP functions (such as "eval") are blocked but others (such as "system") are not, and because ".php" is blocked but ".PHP" is not blocked.
CVE-2013-7468 1 Simplemachines 1 Simple Machines Forum 2019-03-08 6.8 MEDIUM 8.1 HIGH
Simple Machines Forum (SMF) 2.0.4 allows PHP Code Injection via the index.php?action=admin;area=languages;sa=editlang dictionary parameter.
CVE-2015-1061 1 Apple 3 Iphone Os, Mac Os X, Tvos 2019-03-08 9.3 HIGH N/A
IOSurface in Apple iOS before 8.2, Apple OS X through 10.10.2, and Apple TV before 7.1 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages "type confusion" during serialized-object handling.