Lucene search
+L

225 matches found

nuclei
nuclei
added 10 hours ago70 views

SolarView 6.00 - Remote Command Execution

SolarView Compact 6.00 is vulnerable to a command injection via networktest.php. id: CVE-2022-40881 info: name: SolarView 6.00 - Remote Command Execution author: For3stCo1d severity: critical description: | SolarView Compact 6.00 is vulnerable to a command injection via networktest.php. impact: |...

9.8CVSS7AI score0.29451EPSS
Exploits2References5
nuclei
nuclei
added 10 hours ago158 views

TOTOLINK A3700R - Command Injection

An issue in TOTOLINK A3700R v.9.1.2u.616520211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function. id: CVE-2023-46574 info: name: TOTOLINK A3700R - Command Injection author: DhiyaneshDk severity: critical description: | An issue in...

9.8CVSS7.3AI score0.65412EPSS
Exploits2References5
nuclei
nuclei
added 5 days ago45 views

Western Digital MyCloud NAS - Command Injection

Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/googleanalytics.php URL via a modified arg parameter in the POST data. id: CVE-2016-10108 info: name: Western Digital MyCloud NAS - Command Injection author: DhiyaneshDk severity: critical...

10CVSS7.1AI score0.95174EPSS
Exploits4References4
nvd
nvd
added 2025/12/30 5:15 p.m.7 views

CVE-2025-68926

RustFS is a distributed object storage system built in Rust. In versions prior to 1.0.0-alpha.78, RustFS implements gRPC authentication using a hardcoded static token "rustfs rpc" that is publicly exposed in the source code repository, hardcoded on both client and server sides, non-configurable...

9.8CVSS0.2903EPSS
Exploits3References1
cve
cve
added 2025/12/30 4:59 p.m.27 views

CVE-2025-68926

CVE-2025-68926 – RustFS hardcoded gRPC token authentication bypass . Affected RustFS versions prior to 1.0.0-alpha.78 expose a publicly visible hardcoded token, “rustfs rpc”, used for gRPC authentication on both client and server. The token is non-configurable and identical across deployments, en...

9.8CVSS6.7AI score0.2903EPSS
Exploits3References1Affected Software1
vulnrichment
vulnrichment
added 2025/12/30 4:59 p.m.3 views

CVE-2025-68926 RustFS has a gRPC Hardcoded Token Authentication Bypass

RustFS is a distributed object storage system built in Rust. In versions prior to 1.0.0-alpha.78, RustFS implements gRPC authentication using a hardcoded static token "rustfs rpc" that is publicly exposed in the source code repository, hardcoded on both client and server sides, non-configurable...

9.8CVSS6.7AI score0.2903EPSS
Exploits3References1
osv
osv
added 2025/12/30 4:59 p.m.7 views

CVE-2025-68926 RustFS has a gRPC Hardcoded Token Authentication Bypass

RustFS is a distributed object storage system built in Rust. In versions prior to 1.0.0-alpha.78, RustFS implements gRPC authentication using a hardcoded static token "rustfs rpc" that is publicly exposed in the source code repository, hardcoded on both client and server sides, non-configurable...

9.8CVSS7AI score0.2903EPSS
Exploits3References3
fedora
fedora
added 2025/12/12 1:34 a.m.10 views

[SECURITY] Fedora 43 Update: brotli-1.2.0-1.fc43

Brotli is a generic-purpose lossless compression algorithm that compresses da ta using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the be st currently available general-purpose compression methods. ...

8.9CVSS6.9AI score0.00633EPSS
Exploits0
ossf
ossf
added 2025/11/12 4:47 p.m.2 views

Malicious code in hariyono-77 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29d4c3eda6b2a29c068aa8b9dceb4af1fc8cfe98fb3d3ddfd2d3b88bc0d6c288 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
ossf
ossf
added 2025/11/12 4:47 p.m.3 views

Malicious code in alvira-77 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d55e6ecc47c30ab19f59b280c495c0cf459f7fca3fcc3cd7086d4ba7d2cc10a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
ossf
ossf
added 2025/11/12 4:47 p.m.2 views

Malicious code in billa-77 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a86426e39463ea719240dc1424bcca870783f96fb7c339373f8d7b3cdaa675d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
ossf
ossf
added 2025/11/12 4:47 p.m.2 views

Malicious code in aril-77 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fb72ce415cfe23952cf69b25239fe0918cdbc1d23c11bec56aec8b2cdc8c418 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
ossf
ossf
added 2025/11/12 4:47 p.m.3 views

Malicious code in alvino-77 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 620e970886fd007eba5d49d01b472db10a5943f9f3398d058c5b96399fa22a08 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
ossf
ossf
added 2025/11/12 4:47 p.m.2 views

Malicious code in kentung-77 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 435c587df5676d0710608509372d0e6e2867eef1adc17e718ecd7cc16186d412 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
ossf
ossf
added 2025/11/12 4:47 p.m.4 views

Malicious code in rita-77 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d50b4cbdc3fc2f3ddef9745dcc1b1935452db34328cfa924f0b31bed00672b50 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
osv
osv
added 2025/11/12 4:47 p.m.1 views

MAL-2025-157561 Malicious code in kentung-77 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 435c587df5676d0710608509372d0e6e2867eef1adc17e718ecd7cc16186d412 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
osv
osv
added 2025/11/12 4:47 p.m.3 views

MAL-2025-153730 Malicious code in billa-77 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a86426e39463ea719240dc1424bcca870783f96fb7c339373f8d7b3cdaa675d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
osv
osv
added 2025/11/12 4:47 p.m.2 views

MAL-2025-152438 Malicious code in alvino-77 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 620e970886fd007eba5d49d01b472db10a5943f9f3398d058c5b96399fa22a08 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
osv
osv
added 2025/11/12 4:47 p.m.2 views

MAL-2025-152520 Malicious code in alvira-77 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d55e6ecc47c30ab19f59b280c495c0cf459f7fca3fcc3cd7086d4ba7d2cc10a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
osv
osv
added 2025/11/12 4:47 p.m.2 views

MAL-2025-153877 Malicious code in bitha-77 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6c633cca96ab31064e79577677a85a343024b2cd391a8b09119191162cd885e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
Rows per page
Query Builder