A Remote Code Execution (RCE) vulnerability is a security flaw that allows an attacker to execute arbitrary code on a remote computer or server over a network, without having physical access to the system. This type of vulnerability is particularly dangerous because it enables attackers to potentially take full control of the affected system, install malware, steal data, or perform other malicious actions.
RCE vulnerabilities are often exploited through weaknesses in software applications, operating systems, or network services, such as buffer overflows, SQL injection, or command injection. They are highly critical because they can be used to compromise systems and networks quickly and remotely.
CVE number = CVE-2024-10445 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology BeeStation BST150-4T
Read MoreCVE-2025-29953 – This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apache ActiveMQ NMS.
Read MoreA serious vulnerability (CVE-2025-32433) has been identified in the Erlang/OTP SSH server that may allow an attacker to perform unauthenticated remote code execution (RCE).
Read MoreOn April 16th 2025, a critical vulnerability in the Erlang/OTP SSH server was disclosed. This vulnerability could allow an unauthenticated, remote attacker to perform remote code execution (RCE) on an affected device.
Read MoreA vulnerability in the custom URL parser of Cisco Webex App could allow an unauthenticated, remote attacker to persuade a user to download arbitrary files, which could allow the attacker to execute arbitrary commands on the host of the targeted user.
Read MoreThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom.
Read MoreCVE number – CVE-2025-2773 This vulnerability allows remote attackers to execute arbitrary code on affected installations of BEC Technologies Multiple Routers.
Read MoreCVE-2025-24124 – This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS.
Read MoreStarting in version 1.11.5 and prior to versions 1.11.8, 1.12.25, 1.13.24, 2.0.32, 2.1.14, 2.2.17, and 2.3.21, loading a malicious schema definition in `GraphQL::Schema.from_introspection` (or `GraphQL::Schema::Loader.load`) can result in remote code execution.
Read MoreCVE-2025-2024 – This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp.
Read More
