| CVE-2014-6332 | High | MicrosoftWindows | OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site. | Mar 25, 2022 | KEV |
| CVE-2014-6324 | High | MicrosoftKerberos Key Distribution Center (KDC) | The Kerberos Key Distribution Center (KDC) in Microsoft allows remote authenticated domain users to obtain domain administrator privileges. | Mar 25, 2022 | KEV |
| CVE-2014-6287 | High | RejettoHTTP File Server (HFS) | The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (HFS or HttpFileServer) allows remote attackers to execute arbitrary programs. | Mar 25, 2022 | KEV |
| CVE-2014-3120 | High | ElasticElasticsearch | Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code. | Mar 25, 2022 | KEV |
| CVE-2014-0130 | High | RailsRuby on Rails | Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails allows remote attackers to read arbitrary files via a crafted request. | Mar 25, 2022 | KEV |
| CVE-2013-5223 | High | D-LinkDSL-2760U | A cross-site scripting (XSS) vulnerability exists in the D-Link DSL-2760U gateway, allowing remote authenticated users to inject arbitrary web script or HTML. | Mar 25, 2022 | KEV |
| CVE-2013-4810 | High | Hewlett Packard (HP)ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management | HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet. | Mar 25, 2022 | KEV |
| CVE-2013-2251 | High | ApacheStruts | Apache Struts allows remote attackers to execute arbitrary Object-Graph Navigation Language (OGNL) expressions. | Mar 25, 2022 | KEV |
| CVE-2012-1823 | High | PHPPHP | sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code. | Mar 25, 2022 | KEV |
| CVE-2010-4345 | High | EximExim | Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands. | Mar 25, 2022 | KEV |
| CVE-2010-4344 | High | EximExim | Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session. | Mar 25, 2022 | KEV |
| CVE-2010-3035 | High | CiscoIOS XR | Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS). | Mar 25, 2022 | KEV |
| CVE-2010-2861 | High | AdobeColdFusion | A directory traversal vulnerability exists in the administrator console in Adobe ColdFusion which allows remote attackers to read arbitrary files. | Mar 25, 2022 | KEV |
| CVE-2009-1151 | High | phpMyAdminphpMyAdmin | Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file. | Mar 25, 2022 | KEV |
| CVE-2009-0927 | High | AdobeReader and Acrobat | Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code. | Mar 25, 2022 | KEV |
| CVE-2005-2773 | High | Hewlett Packard (HP)OpenView Network Node Manager | HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system. | Mar 25, 2022 | KEV |
| CVE-2019-0841 | High | MicrosoftWindows | A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. | Mar 15, 2022 | KEV |
| CVE-2020-5135 | High | SonicWallSonicOS | A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. | Mar 15, 2022 | KEV |
| CVE-2019-1405 | High | MicrosoftWindows | A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation. | Mar 15, 2022 | KEV |
| CVE-2019-1322 | High | MicrosoftWindows | A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context. | Mar 15, 2022 | KEV |