CVE-2024-38077: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability CVE-2024-38076: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability CVE-2024-38074: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability CVE-2024-38073: Windows Remote ...
IIS 系列 Http.sys处理 Range 整数溢出漏洞导致远程代码执行 1.漏洞概要 2015 年 04 月 14 日,微软发布严重级别的安全公告 MS15-034,编号为 CVE-2015-1635,据称在 Http.sys 中的漏洞可能允许远程执行代码。 2. 漏洞描述 CWE: CWE-119 CVE: CVE-2015-1635 Http.sys 是一个位于 Windows 操作系统核心组...
Recently, Apache Tomcat issued a security notice regarding a remote code execution vulnerability (CVE-2024-50379) in certain versions. This vulnerability stems from a flaw in verifying file paths. If the default servlet is write enabled (readonly initialisation parameter set to the non-default ...
A remote code execution vulnerability exists in Microsoft Visual Studio 2019 and Visual Studio 2017 if an XOML (Extensible Object Markup Language) file references certain types and causes random code to be run when the file is opened in Visual Studio. There ...
A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to insecure deserializ
A vulnerability in the Cisco Adaptive Security Device Manager (ASDM) Launcher could allow an unauthenticated, remote attacker to execute arbitrary code on a user's operating system. This vulnerability is due to a lack of proper signature verification for specific code exchanged between the ASDM and...
A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files. To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user i...
The logger will evaluate the payload, call the malicious attacker server, and fetch the code written in the object. Exploitable path: The vulnerability described in CVE-2021-44228 is caused by log4j-core’s jndiLookup functionality, which log4j-api does not provide and so it is not vulnerable...
这是一个可疑的可远程执行代码的应用。 下面是关于这个问题的具体的描述: A remote code execution vulnerability exists in the remote SAP Gateway as a result of allowing non-SAP applications to communicate with, and potentially run OS commands on SAP applications. An unauthenticated attacker can run the...
Huawei received a notification about a possible remote code execution vulnerability (CVE-2017-17215) regarding Huawei HG532 from Muhammad Mukatren of Check Point Software Technologies Research Department, which also released a security advisory CPAI-2017-1016 but without detailed vulnerability information ...