Remote Code Execution
Remote Code Execution (RCE) vulnerabilities allow an attacker to execute arbitrary code on a remote system without authorization. These are among the most severe vulnerabilities as they can lead to complete system compromise.
Understanding Remote Code Execution
Remote Code Execution vulnerabilities represent the most critical class of security flaws. When exploited, they allow attackers to run arbitrary commands on a target system, often with the same privileges as the vulnerable application.
RCE vulnerabilities commonly arise from unsafe deserialization, command injection, or memory corruption bugs. They're frequently found in web applications, network services, and system utilities.
How to Identify
- Look for input validation bypasses in file upload functionality
- Check for unsafe deserialization of user-controlled data
- Test command execution functions with special characters
- Review template engines for server-side template injection
Prevention Best Practices
- Use parameterized queries and prepared statements
- Implement strict input validation and sanitization
- Run applications with minimal privileges
- Keep all software dependencies up to date
- Use security headers and Content Security Policy
Remote Code Execution CVEs (289)
| CVE | Score | Description | Vendor / Product | Exploit Status | Date |
|---|---|---|---|---|---|
| CVE-2023-31069 | 9.8 | An attacker can easily access sensitive login credentials because they are stored in plain text within the HTML code of the TSplus Remote Access login page. This vulnerability can be exploited simply by viewing the page's source code, making it critical for anyone using this software to take immediate action to secure their systems. | tsplus / tsplus remote work | Theoretical | Sep 11, 2023 |
| CVE-2020-36731 | 6.1 | An attacker can change the plugin settings without needing to log in, which could lead to malicious changes or even inject harmful scripts that affect users. This vulnerability affects versions up to 2.3.1 of the Flexible Checkout Fields for WooCommerce plugin and arises from a lack of proper checks and safeguards when updating settings. | wpdesk / flexible checkout fields | Theoretical | Jun 7, 2023 |
| CVE-2023-34104 | 7.5 | An attacker can exploit this vulnerability to cause a denial of service (DoS) by sending specially crafted XML data that makes the parser hang indefinitely. This can happen if the parser is processing entity names that contain special characters, so users should upgrade to the latest version or disable certain features to protect themselves. | naturalintelligence / fast-xml-parser | Exploit Available | Jun 6, 2023 |
| CVE-2023-27524 | 9.8 | An attacker can gain unauthorized access to sensitive resources in Apache Superset if the default SECRET_KEY hasn't been changed, allowing them to manipulate session cookies. This vulnerability only affects installations that haven't followed the setup instructions to configure a unique SECRET_KEY. | apache / superset | Exploit Available | Apr 24, 2023 |
| CVE-2023-1041 | 6.1 | This vulnerability allows an attacker to inject malicious scripts into the website, which could lead to unauthorized actions or data theft from users who visit the affected page. It can be exploited remotely by manipulating a specific input field without needing any special access or credentials. | oretnom23 / simple responsive tourism website | Exploit Available | Feb 26, 2023 |
| CVE-2022-41167 | 7.8 | This vulnerability allows an attacker to run malicious code on a victim's computer when they open a specially crafted AutoCAD file in SAP 3D Visual Enterprise Author. The attacker needs the victim to open this manipulated file, which can come from untrusted sources, to exploit the flaw. | sap / 3d visual enterprise author | Theoretical | Oct 11, 2022 |
| CVE-2022-39808 | 7.8 | This vulnerability allows an attacker to execute malicious code on a victim's system by tricking them into opening a specially crafted 3D object file in SAP 3D Visual Enterprise Author. It requires the victim to open a file from an untrusted source, which can lead to serious security breaches. | sap / 3d visual enterprise author | Theoretical | Oct 11, 2022 |
| CVE-2022-39806 | 7.8 | This vulnerability allows an attacker to run malicious code on a victim's computer if they open a specially crafted SolidWorks Drawing file in SAP 3D Visual Enterprise Author version 9. The attacker needs the victim to open this manipulated file, which could come from untrusted sources, to exploit the flaw. | sap / 3d visual enterprise author | Theoretical | Oct 11, 2022 |
| CVE-2022-39805 | 7.8 | This vulnerability allows an attacker to run malicious code on a victim's computer by tricking them into opening a specially crafted graphics file in SAP 3D Visual Enterprise Author. It requires the victim to open a file from an untrusted source, which can lead to serious security breaches. | sap / 3d visual enterprise author | Theoretical | Oct 11, 2022 |
| CVE-2022-39804 | 7.8 | An attacker can execute malicious code on a victim's system by tricking them into opening a specially crafted SolidWorks Part file in SAP 3D Visual Enterprise Author. This vulnerability requires the victim to open a file from an untrusted source, which can lead to serious security breaches. | sap / 3d visual enterprise author | Exploit Available | Oct 11, 2022 |
| CVE-2022-39803 | 7.8 | This vulnerability allows an attacker to run malicious code on a victim's computer if they open a specially crafted 3D file from an untrusted source in SAP 3D Visual Enterprise Author. It requires the victim to open the manipulated file, which can exploit memory management flaws in the software. | sap / 3d visual enterprise author | Theoretical | Oct 11, 2022 |
| CVE-2022-3423 | 6.5 | This vulnerability allows an attacker to consume excessive system resources on the nocodb application, potentially leading to service slowdowns or crashes. It can be exploited if the attacker has access to the application and can send requests that overwhelm the system. | nocodb / nocodb | Exploit Available | Oct 7, 2022 |
| CVE-2022-3225 | 5.7 | This vulnerability allows an attacker to execute arbitrary code within the Budibase application, potentially leading to unauthorized access or data manipulation. It requires the attacker to have some level of access to the system where Budibase is running, making it important for users to update to version 1.3.20 or later to mitigate the risk. | budibase / budibase | Exploit Available | Sep 16, 2022 |
| CVE-2022-22988 | 9.1 | This vulnerability allows an attacker with authenticated access to a device to potentially modify or access sensitive files and directories. However, the attacker must first find a way to log in to the device before they can exploit this weakness. | westerndigital / edgerover | Exploit Available | Jan 13, 2022 |
| CVE-2020-24932 | 9.8 | This vulnerability allows an attacker to manipulate the database of the Complaint Management System by injecting harmful SQL code through the 'cid' parameter in a specific webpage, potentially exposing sensitive data or allowing unauthorized access. The attacker needs to know the URL structure and have access to the complaint-details.php page to exploit this weakness. | razormist / complaint management system | Exploit Available | Oct 27, 2021 |
| CVE-2021-38162 | 9.4 | This vulnerability allows an attacker to send specially crafted requests to an SAP Web Dispatcher, which can trick the connected back-end server into executing harmful commands. The attacker does not need to be authenticated, but they may need to send multiple requests to successfully exploit the issue. | sap / web dispatcher | Exploit Available | Sep 14, 2021 |
| CVE-2021-0584 | 5.5 | This vulnerability allows an attacker to access sensitive information stored on an Android device without needing any special permissions or user interaction. It occurs due to a flaw in how the system checks input data, affecting multiple versions of Android from 8.1 to 11. | google / android | Theoretical | Aug 17, 2021 |
| CVE-2020-1487 | 7.8 | This vulnerability allows an attacker to access sensitive information on a user's system, which could lead to further attacks. To exploit it, the attacker needs the user to open a specially crafted file, often by tricking them into clicking a link in an email or message. | microsoft / windows 10 | Exploit Available | Aug 17, 2020 |
| CVE-2020-1483 | 5.0 | This vulnerability allows an attacker to run harmful code on a user's computer if they can trick the user into opening a specially crafted file in Microsoft Outlook. It’s particularly dangerous for users with administrative rights, as it could let the attacker take full control of the system, install programs, or access sensitive data. | microsoft / 365 apps | Exploit Available | Aug 17, 2020 |
| CVE-2019-1152 | 8.8 | This vulnerability allows an attacker to take control of a Windows 10 system by exploiting flaws in how the operating system handles certain fonts, which could let them install programs or access sensitive data. To succeed, the attacker needs to trick users into visiting a malicious website or opening a specially crafted document. | microsoft / windows 10 | Exploit Available | Aug 14, 2019 |