Critical Veeam RCE Flaw Lets Low-Privilege Users Take Over Backup Servers
Veeam addressed a critical RCE vulnerability flaw in Backup & Replication that lets low-privileged domain users take control of backup servers. Veeam has pat...
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1190 — Exploit Public-Facing Application (Initial Access)
Clear filter256 articles found
Veeam Backup & Replication RCE Flaw Lets Domain Users Run Remote Code
Veeam has released security patches to address a critical flaw in its Backup & Replication software that could result in remote code execution. Tracked as CV...
New Veeam vulnerability exposes backup servers to RCE attacks
Veeam has released security updates to patch a critical Backup & Replication security flaw that can be exploited to gain remote code execution (RCE) on domai...
LiteLLM Vulnerability Allows Attackers to Execute Arbitrary Commands on Servers
A critical vulnerability chain affecting LiteLLM has been identified, enabling unauthenticated remote code execution (RCE) on exposed servers. Tracked as CVE...
ZDI-26-342: Progress Software Kemp LoadMaster apiuser Uninitialized Memory Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is not re...
ZDI-26-341: Progress Software Kemp LoadMaster dolistapikeys Uninitialized Memory Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is requir...
ZDI-26-340: Progress Software Kemp LoadMaster dodelapikey Uninitialized Memory Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is requir...
ZDI-26-338: NVIDIA Transformers4Rec Model.load Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NVIDIA Transformers4Rec. User interaction is required to ex...
ZDI-26-345: Adobe Acrobat Reader DC Font Handling Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to ex...
ZDI-26-343: Adobe Acrobat Reader DC TIF File Parsing Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to ex...
ZDI-26-354: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to ex...
ZDI-26-353: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to ex...
ZDI-26-352: Adobe Acrobat Pro DC AcroForm Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to explo...
ZDI-26-351: Adobe USD-Fileformat-plugins Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe USD-Fileformat-plugins. Interaction with the USD libr...
ZDI-26-350: Adobe USD-Fileformat-plugins Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe USD-Fileformat-plugins. Interaction with the USD libr...
ZDI-26-349: Adobe Acrobat Pro DC Annots.api Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to explo...
ZDI-26-348: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to ex...
ZDI-26-347: Adobe Acrobat Reader DC Multimedia Rendition Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to ex...
Ubiquiti UniFi OS server vulnerabilities allow unauthenticated remote code execution
The security flaws, tracked as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910, were addressed in May and impacted UniFi OS Server versions 5.0.
Gogs patches critical zero-day enabling remote code execution
Gogs has patched a critical security zero-day flaw that can allow attackers to compromise Internet-facing instances and access any repositories (including pr...