#remote-code-execution

#remote-code-execution

Threat actors are exploiting a vulnerability in SAP NetWeaver for unauthorized file uploads and code execution.

Apache Tomcat is vulnerable to remote code execution attacks due to a recently disclosed vulnerability, CVE-2025-24813.

Thousands of Prometheus servers lack proper authentication, risking data leakage, DoS, and remote code execution attacks due to their exposure on the internet.

The vulnerability in Aviatrix Controller poses critical risks, leading to remote code execution and privilege escalation, with active exploits already observed.

A critical flaw in Aviatrix Controller is under active exploitation for backdoors and cryptocurrency mining.

Critical security flaw in Apache Struts 2 allows file upload manipulation, posing severe risks of remote code execution; immediate updates are essential.

Erlang/OTP's SSH implementation has a critical vulnerability allowing remote code execution without authentication, requiring urgent attention and action from security teams.

A critical 9.9-rated unauthenticated RCE flaw is affecting GNU/Linux systems, with no fix yet despite disclosure to developers three weeks ago.

A high-severity vulnerability in Meta's Llama framework could allow remote code execution via deserialization of untrusted data.

A critical security vulnerability in Apache Parquet allows remote code execution, affecting versions up to 1.15.0.

A vulnerability in the Parquet-avro module of a Java library could allow remote code execution through crafted files.

Critical vulnerabilities in Ingress NGINX Controller expose 6,500 Kubernetes clusters to remote code execution risks.

The newly discovered vulnerabilities in Cups pose a significant security risk to numerous devices, potentially exposing them to remote code execution.

MediaTek disclosed a critical vulnerability affecting 51 chipsets, posing severe security risks to multiple device categories.