Lyrie
← Home

#rce

47 stories tagged.

LiteLLM: Authenticated command execution via MCP stdio test endpoints

4 min · 1 sources

CVE-2024-4577: PHP CGI Windows Character Encoding RCE

3 min · 3 sources

CVE-2024-3400: Palo Alto GlobalProtect Perfect-10 Command Injection

3 min · 3 sources

CVE-2026-39987: Marimo Pre-Auth RCE — Root in One Request

3 min · 3 sources

CVE-2024-7399: Samsung MagicINFO Path Traversal to SYSTEM-Level RCE

4 min · 3 sources

CVE-2024-4577: PHP-CGI RCE via Windows Best-Fit Character Conversion

5 min · 3 sources

CVE-2023-46604: Apache ActiveMQ OpenWire Deserialization RCE

5 min · 3 sources

HIGH: CVE-2025-29635 actively exploited — dlink dir-823x firmware

4 min · 4 sources

HIGH: CVE-2024-57728 actively exploited — simple-help simplehelp

4 min · 4 sources

CISA: CVE-2026-39987 added to Known Exploited Vulnerabilities — Marimo Marimo

4 min · 3 sources

CISA: CVE-2009-0238 added to Known Exploited Vulnerabilities — Microsoft Office

4 min · 3 sources

CISA: CVE-2023-21529 added to Known Exploited Vulnerabilities — Microsoft Exchange Server

4 min · 3 sources

CISA: CVE-2026-1340 added to Known Exploited Vulnerabilities — Ivanti Endpoint Manager Mobile (EPMM)

4 min · 3 sources

CISA: CVE-2025-53521 added to Known Exploited Vulnerabilities — F5 BIG-IP

4 min · 3 sources

CISA adds CVE-2025-32432 to KEV: Craft CMS code injection to RCE

4 min · 3 sources

CISA: CVE-2021-30952 added to Known Exploited Vulnerabilities — Apple Multiple Products

4 min · 3 sources

CISA: CVE-2024-37079 added to Known Exploited Vulnerabilities — Broadcom VMware vCenter Server

4 min · 3 sources

CISA: CVE-2009-0556 added to Known Exploited Vulnerabilities — Microsoft Office

4 min · 3 sources

CISA: CVE-2025-14733 added to Known Exploited Vulnerabilities — WatchGuard Firebox

4 min · 3 sources

CISA: CVE-2025-21042 added to Known Exploited Vulnerabilities — Samsung Mobile Devices

4 min · 3 sources

CISA: CVE-2025-24893 added to Known Exploited Vulnerabilities — XWiki Platform

4 min · 3 sources

CISA: CVE-2022-48503 added to Known Exploited Vulnerabilities — Apple Multiple Products

4 min · 3 sources

CISA: CVE-2011-3402 added to Known Exploited Vulnerabilities — Microsoft Windows

4 min · 3 sources

CISA: CVE-2013-3918 added to Known Exploited Vulnerabilities — Microsoft Windows

4 min · 3 sources

CISA: CVE-2014-6278 added to Known Exploited Vulnerabilities — GNU GNU Bash

4 min · 3 sources

CISA adds CVE-2017-1000353 to KEV: Jenkins RCE via remoting CLI deserialization

4 min · 3 sources

CISA: CVE-2024-8069 added to Known Exploited Vulnerabilities — Citrix Session Recording

4 min · 3 sources

CISA: CVE-2007-0671 added to Known Exploited Vulnerabilities — Microsoft Office

4 min · 3 sources

CISA: CVE-2013-3893 added to Known Exploited Vulnerabilities — Microsoft Internet Explorer

4 min · 3 sources

CISA: CVE-2016-10033 added to Known Exploited Vulnerabilities — PHP PHPMailer

4 min · 3 sources

CISA: CVE-2024-56145 added to Known Exploited Vulnerabilities — Craft CMS Craft CMS

4 min · 3 sources

CISA: CVE-2024-58136 added to Known Exploited Vulnerabilities — Yiiframework Yii

4 min · 3 sources

CISA: CVE-2024-38475 added to Known Exploited Vulnerabilities — Apache HTTP Server

4 min · 3 sources

CISA adds CVE-2022-43769 to KEV: RCE via Spring template injection in Pentaho BA Server

4 min · 3 sources

CISA: CVE-2024-4885 added to Known Exploited Vulnerabilities — Progress WhatsUp Gold

4 min · 3 sources

CISA: CVE-2021-44207 added to Known Exploited Vulnerabilities — Acclaim Systems USAHERDS

4 min · 3 sources

CISA: CVE-2018-14933 added to Known Exploited Vulnerabilities — NUUO NVRmini Devices

4 min · 3 sources

CISA: CVE-2023-28461 added to Known Exploited Vulnerabilities — Array Networks AG/vxAG ArrayOS

4 min · 3 sources

CISA: CVE-2019-16278 added to Known Exploited Vulnerabilities — Nostromo nhttpd

4 min · 3 sources

CISA: CVE-2020-0618 added to Known Exploited Vulnerabilities — Microsoft SQL Server

4 min · 3 sources

CISA: CVE-2013-0643 added to Known Exploited Vulnerabilities — Adobe Flash Player

4 min · 3 sources

CISA: CVE-2013-0648 added to Known Exploited Vulnerabilities — Adobe Flash Player

4 min · 3 sources

CISA: CVE-2014-0497 added to Known Exploited Vulnerabilities — Adobe Flash Player

4 min · 3 sources

CISA: CVE-2014-0502 added to Known Exploited Vulnerabilities — Adobe Flash Player

4 min · 3 sources

CISA adds CVE-2016-3714 (ImageMagick) to KEV: RCE via crafted images

4 min · 3 sources

CISA: CVE-2018-0824 added to Known Exploited Vulnerabilities — Microsoft Windows

4 min · 3 sources

CISA: CVE-2012-4792 added to Known Exploited Vulnerabilities — Microsoft Internet Explorer

4 min · 3 sources