CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 2CVE-2011-10017 – Snort Report nmap.php/nbtscan.php RCE
https://notcve.org/view.php?id=CVE-2011-10017
13 Aug 2025 — These scripts fail to properly sanitize user input passed via the target GET parameter, allowing attackers to inject arbitrary shell commands. • https://www.vulncheck.com/advisories/snort-report-rce • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 4CVE-2011-10010 – QuickShare File Server 1.2.1 Path Traversal RCE
https://notcve.org/view.php?id=CVE-2011-10010
13 Aug 2025 — When the "Writable" option is enabled (default during account creation), this allows attackers to upload arbitrary files to privileged locations such as system32, enabling remote code execution via MOF injection or executable placement. • https://www.vulncheck.com/advisories/quickshare-file-server-path-traversal-rce • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 3CVE-2011-10012 – NetOp Remote Control Client 9.5 .dws File Buffer Overflow
https://notcve.org/view.php?id=CVE-2011-10012
13 Aug 2025 — If a .dws file contains a string longer than 520 bytes, the application fails to perform proper bounds checking, allowing an attacker to execute arbitrary code when the file is opened. • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/netop.rb • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 2CVE-2011-10018 – myBB 1.6.4 Backdoor Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2011-10018
13 Aug 2025 — myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted collapsed cookie. • https://www.vulncheck.com/advisories/mybb-backdoor-arbitrary-command-execution • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-912: Hidden Functionality •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 3CVE-2011-10014 – GTA SA-MP server.cfg Buffer Overflow
https://notcve.org/view.php?id=CVE-2011-10014
13 Aug 2025 — The vulnerability allows local attackers to execute arbitrary code when the server binary (samp-server.exe) processes a crafted echo directive containing excessive input. • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/gta_samp.rb • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.4EPSS: 0%CPEs: 2EXPL: 4CVE-2012-10059 – Dolibarr ERP/CRM Post-Auth OS Command Injection
https://notcve.org/view.php?id=CVE-2012-10059
13 Aug 2025 — The export.php script fails to sanitize the sql_compat parameter, allowing authenticated users to inject arbitrary system commands, resulting in remote code execution on the server. • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/dolibarr_cmd_exec.rb • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 3CVE-2012-10055 – ComSndFTP v1.3.7 Beta USER Format String RCE
https://notcve.org/view.php?id=CVE-2012-10055
13 Aug 2025 — This allows the attacker to redirect execution flow and bypass DEP protections using a ROP chain, ultimately leading to arbitrary code execution. • https://www.vulncheck.com/advisories/comsndftp-user-format-string-rce • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23304
https://notcve.org/view.php?id=CVE-2025-23304
13 Aug 2025 — NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by loading .nemo files with maliciously crafted metadata. A successful exploit of this vulnerability may lead to remote code execution and data tampering. • https://nvd.nist.gov/vuln/detail/CVE-2025-23304 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23303
https://notcve.org/view.php?id=CVE-2025-23303
13 Aug 2025 — NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering. • https://nvd.nist.gov/vuln/detail/CVE-2025-23303 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-23294
https://notcve.org/view.php?id=CVE-2025-23294
13 Aug 2025 — NVIDIA WebDataset for all platforms contains a vulnerability where an attacker could execute arbitrary code with elevated permissions. • https://nvd.nist.gov/vuln/detail/CVE-2025-23294 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •