#remote-code-execution

#remote-code-execution

Apache Tomcat is vulnerable to remote code execution attacks due to a recently disclosed vulnerability, CVE-2025-24813.

Zip Slip vulnerability enables attackers to exploit archive extraction processes for remote code execution.

A vulnerability in the Parquet-avro module of a Java library could allow remote code execution through crafted files.

The vulnerability in Aviatrix Controller poses critical risks, leading to remote code execution and privilege escalation, with active exploits already observed.

A critical vulnerability known as '0.0.0.0 Day' impacts major web browsers, allowing malicious sites to breach local networks.

Critical security flaw in Apache Struts 2 allows file upload manipulation, posing severe risks of remote code execution; immediate updates are essential.

A critical 9.9-rated unauthenticated RCE flaw is affecting GNU/Linux systems, with no fix yet despite disclosure to developers three weeks ago.

A critical vulnerability in Apache Tomcat enables remote code execution and information disclosure, with active exploitation noted shortly after its disclosure.

Palo Alto Networks firewalls were compromised due to two security bugs, allowing attackers to deploy backdoors and malware.

GFI KerioControl firewalls have a vulnerability (CVE-2024-52875) allowing remote code execution due to improper input sanitization, posing significant security risks.

A high-severity vulnerability in Meta's Llama framework could allow remote code execution via deserialization of untrusted data.

46 new security flaws discovered in solar inverter products pose risks to electrical grids.

Critical vulnerabilities in Ingress NGINX Controller expose 6,500 Kubernetes clusters to remote code execution risks.

CVE-2024-38213 allows bypassing Windows mark-of-the-web protections leading to remote code execution via WebDAV shares.

Microsoft released updates addressing 117 vulnerabilities, including two actively exploited threats that pose significant risks to users.

As many as 10 security flaws were discovered in Google's Quick Share utility, leading to a potential remote code execution threat on systems with the software.

Flaws in Palo Alto Networks and SonicWall VPNs could allow remote code execution on Windows and macOS, exposing users to significant security risks.

A critical vulnerability in DrayTek routers could allow remote-code execution, risking sensitive data and system integrity.

Thousands of Prometheus servers lack proper authentication, risking data leakage, DoS, and remote code execution attacks due to their exposure on the internet.

A critical flaw in Aviatrix Controller is under active exploitation for backdoors and cryptocurrency mining.

The critical vulnerability on Microsoft SharePoint Server and two zero-day flaws in Windows should be addressed immediately by administrators.

Veeam's Backup & Replication software has a critical RCE vulnerability fixed in the latest security update.

The newly discovered vulnerabilities in Cups pose a significant security risk to numerous devices, potentially exposing them to remote code execution.

Traccar GPS system has critical vulnerabilities allowing remote code execution via path traversal if guest registration is enabled, posing serious security risks.

Netgear has patched critical security vulnerabilities in several Wi-Fi routers and access points, urging timely updates for user safety.

MediaTek disclosed a critical vulnerability affecting 51 chipsets, posing severe security risks to multiple device categories.