Lucene search
K

7661 matches found

Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.5 views

PT-2025-50695

IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow an authenticated user to execute arbitrary commands with elevated privileges on the system due to improper validation of user supplied input...

8.8CVSS7.3AI score0.00404EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.5 views

PT-2025-50688

Name of the Vulnerable Software and Affected Versions Ruijie X60 PRO versions V1.00 through V2.00 Description An issue exists in Ruijie X60 PRO that allows attackers to execute arbitrary commands. This is due to an OS Command Injection flaw present in the module get function within the...

7.8CVSS7.3AI score0.01135EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.3 views

Compuware iStrobe Web 代码问题漏洞

Compuware iStrobe Web is a mainframe performance analysis and optimization tool from Compuware Corporation. A code issue vulnerability exists in Compuware iStrobe Web version 20.13, which arises from a path traversal in the file upload form that could result in the upload of a JSP webshell and th...

9.2CVSS7.3AI score0.00721EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.4 views

Ruijie RG-BCR 安全漏洞

Ruijie RG-BCR is a series of cloud routers from China Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-BCR RG-BCR860 version, which stems from improper handling of a specially crafted POST request for actionwireless in the file /usr/lib/lua/luci/control/admin/wireless.lua, which...

8.8CVSS6.9AI score0.02666EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.6 views

PT-2025-50666

Name of the Vulnerable Software and Affected Versions Ruijie RG-BCR600W affected versions not specified Description An issue exists in Ruijie RG-BCR600W that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the restart modules function located in...

8.8CVSS7.2AI score0.01725EPSS
Exploits0References6
CNVD
CNVD
added 2025/12/10 12:0 a.m.3 views

D-Link DCS-930L Command Injection Vulnerability

D-Link DCS-930L is a network camera from China AUO D-Link. The D-Link DCS-930L suffers from a command injection vulnerability that stems from the failure to properly filter construct command special characters, commands, etc. in the parameter AdminID in the file /setSystemAdmin. An attacker can...

8.8CVSS7.9AI score0.07402EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.7 views

PT-2025-50325

Unauthenticated Telnet enablement via cstecgi.cgi auth bypass leading to unauthenticated root login with a blank password on factory/reset X5000R V9.1.0u.6369 B20230113 arbitrary command execution. Earlier versions that share the same implementation, may also be affected...

7.3AI score0.10987EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.6 views

Jenkins plugin Git client 安全漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...

5CVSS6.6AI score0.00179EPSS
Exploits0References2
OSV
OSV
added 2025/12/09 4:17 p.m.5 views

AZL-72556 CVE-2025-2296 affecting package edk2 for versions less than 20230301gitf80f052277c8-44

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS6AI score0.00704EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 4:17 p.m.7 views

CVE-2025-2296

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 3:0 p.m.18 views

CVE-2025-2296 Un-verified kernel bypass Secure Boot mechanism in direct boot mode

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS0.00704EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 3:0 p.m.4 views

CVE-2025-2296 Un-verified kernel bypass Secure Boot mechanism in direct boot mode

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS6.6AI score0.00704EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-2296

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDK2 contains a vulnerability in BIOS where an attacker may cause Improper Input Validation by local access. Successful exploitation of this vulnerability could...

8.4CVSS6.1AI score0.00704EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/08 9:26 a.m.3 views

CVE-2025-27020 Improper configuration of SSH service in Infinera MTC-9

Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . This issue affects MTC-9: from R22.1.1.0275 before R23.0...

9.8CVSS7.4AI score0.00477EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/05 6:31 p.m.3 views

EUVD-2025-201427

An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to execute arbitrary system commands...

5.1CVSS6.9AI score0.02786EPSS
Exploits1References3
OSV
OSV
added 2025/12/05 4:15 p.m.4 views

CVE-2025-64053

A Buffer overflow vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint...

7.5CVSS6.2AI score0.03076EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/05 12:0 a.m.22 views

CVE-2025-64053

A Buffer overflow vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint...

0.03076EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/05 12:0 a.m.21 views

CVE-2025-64054

A reflected Cross Site Scripting XSS vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint...

0.00397EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.3 views

Fanvil x210 安全漏洞

Fanvil x210 is an IP telephony device from Fanvil. A security vulnerability exists in the Fanvil x210 version 2.12.20, which originates from reflective cross-site scripting and could result in a denial of service or execution of arbitrary commands...

9.6CVSS6.4AI score0.00397EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.2 views

Flexsense DiskBoss 代码问题漏洞

Flexsense DiskBoss is a disk management tool from Flexsense, Inc. A code issue vulnerability exists in Flexsense DiskBoss version 11.7.28, which stems from unquoted service paths and could allow an attacker to elevate privileges and execute arbitrary system commands...

8.5CVSS7.4AI score0.00245EPSS
Exploits0References4
Rows per page
Query Builder