NotCVE - RCE

Page 4 of 47713 results (0.131 seconds)

CVSS: 10.0EPSS: 0%CPEs: -EXPL: 0

CVE-2025-57310

https://notcve.org/view.php?id=CVE-2025-57310

12 Nov 2025 — p=ads&c=1 allowing attackers to execute arbitrary code. • https://gist.github.com/MMAKINGDOM/a6c2c8c70145cbea4e119525651e9a8d • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 7.7EPSS: 1%CPEs: 1EXPL: 0

CVE-2025-12089 – Data Tables Generator by Supsystic <= 1.10.45 - Authenticated (Admin+) Arbitrary File Deletion

https://notcve.org/view.php?id=CVE-2025-12089

12 Nov 2025 — This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3394112%40data-tables-generator-by-supsystic&new=3394112%40data-tables-generator-by-supsystic&sfp_email=&sfph_mail= • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-12733 – Import any XML, CSV or Excel File to WordPress (WP All Import) <= 3.9.6 - Authenticated (Administrator+) Remote Code Execution via Conditional Logic

https://notcve.org/view.php?id=CVE-2025-12733

12 Nov 2025 — The Import any XML, CSV or Excel File to WordPress (WP All Import) plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.9.6. ... This can lead to remote code execution. • https://plugins.trac.wordpress.org/browser/wp-all-import/tags/3.9.6/helpers/functions.php#L79 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

CVE-2025-13081

https://notcve.org/view.php?id=CVE-2025-13081

12 Nov 2025 — This so-called "gadget chain" presents no direct threat, but is a vector that can be used to achieve remote code execution if the application deserializes untrusted data due to another vulnerability. •

CVSS: 8.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2025-40827

https://notcve.org/view.php?id=CVE-2025-40827

11 Nov 2025 — This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system. • https://cert-portal.siemens.com/productcert/html/ssa-365596.html • CWE-427: Uncontrolled Search Path Element •

CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-40763

https://notcve.org/view.php?id=CVE-2025-40763

11 Nov 2025 — This could allow a local attacker to execute arbitrary code with superuser privileges by manipulating the environment variable and placing a malicious library in the controlled path. • https://cert-portal.siemens.com/productcert/html/ssa-514895.html • CWE-427: Uncontrolled Search Path Element •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-61843 – Format Plugins | Out-of-bounds Read (CWE-125)

https://notcve.org/view.php?id=CVE-2025-61843

11 Nov 2025 — An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://helpx.adobe.com/security/products/formatplugins/apsb25-114.html • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-61839 – Format Plugins | Out-of-bounds Read (CWE-125)

https://notcve.org/view.php?id=CVE-2025-61839

11 Nov 2025 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe USD-Fileformat-plugins. • https://helpx.adobe.com/security/products/formatplugins/apsb25-114.html • CWE-125: Out-of-bounds Read •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-61845 – Format Plugins | Out-of-bounds Read (CWE-125)

https://notcve.org/view.php?id=CVE-2025-61845

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-61840 – Format Plugins | Out-of-bounds Read (CWE-125)

https://notcve.org/view.php?id=CVE-2025-61840

1 2 3 4 5