Lucene search
K

1924 matches found

RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.14 views

CVE-2026-53694

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Nomachine allows Argument Injection.This issue affects Nomachine: before 9.5.7, before 8.23.2...

7.3CVSS5.4AI score0.00131EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.10 views

openSUSE 16 Security Update : sshfs (openSUSE-SU-2026:20915-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20915-1 advisory. Changes in sshfs: - Update to 3.7.6: - Added new maintainer: abhinavagarwal07 Abhinav Agarwal - CVE-2026-47187: Fixed critical vulnerability -...

5.7AI score0.00031EPSS
Exploits0References6
NVD
NVD
added 2026/06/10 4:17 p.m.11 views

CVE-2026-53694

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Nomachine allows Argument Injection.This issue affects Nomachine: before 9.5.7, before 8.23.2...

7.3CVSS0.00131EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/10 2:57 p.m.28 views

CVE-2026-53694 Potential local privileges escalation through argument injection in the nxchmod.sh script

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Nomachine allows Argument Injection.This issue affects Nomachine: before 9.5.7, before 8.23.2...

7.3CVSS0.00131EPSS
Exploits1References2
CVE
CVE
added 2026/06/10 2:57 p.m.21 views

CVE-2026-53694

CVE-2026-53694 affects Nomachine deployments prior to 9.5.7 and pre-8.23.2, with a local privilege-escalation path via an argument-delimiter handling flaw described as an Argument Injection vulnerability. The core issue is improper neutralization of argument delimiters in a command, enabling inje...

7.3CVSS5.5AI score0.00131EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/10 2:57 p.m.12 views

EUVD-2026-36060

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Nomachine allows Argument Injection.This issue affects Nomachine: before 9.5.7, before 8.23.2...

7.3CVSS5.5AI score0.00131EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2026/06/07 8:1 a.m.9 views

Ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution

...

7.8CVSS5.4AI score0.00156EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.11 views

CVE-2026-8773

A security vulnerability has been detected in linlinjava litemall up to 1.8.0. Affected by this vulnerability is the function backup/load of the file litemall-db/src/main/java/org/linlinjava/litemall/db/util/DbUtil.java of the component Database Setting Handler. The manipulation of the argument...

5.8CVSS5.2AI score0.00244EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:40 p.m.10 views

CVE-2026-25690

An improper neutralization of argument delimiters in a command 'argument injection' vulnerability in Fortinet FortiDeceptor 6.0.0 through 6.0.2, FortiDeceptor 5.3.0 through 5.3.3, FortiDeceptor 5.2.0 through 5.2.1, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions may allow an...

6.5CVSS5.5AI score0.00241EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.9 views

CVE-2026-43893

exiftool-vendored provides cross-platform Node.js access to ExifTool. Prior to 35.19.0, exiftool-vendored starts ExifTool in -stayopen True -@ - mode, where arguments are read from stdin one per line. In affected versions, several caller-supplied strings were interpolated into ExifTool arguments...

8.2CVSS6.2AI score0.00485EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:15 p.m.13 views

CVE-2026-2449

Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...

9CVSS5.4AI score0.00329EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.9 views

CVE-2026-39884

mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Versions 3.4.0 and prior contain an argument injection vulnerability in the portforward tool in src/tools/portforward.ts, where a kubectl command is constructed via string concatenation with user-controlle...

8.3CVSS5.5AI score0.00258EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/05 3:40 p.m.10 views

Arbitrary Argument Injection

Overview mcp-server-kubernetes is a MCP server for interacting with Kubernetes clusters via kubectl Affected versions of this package are vulnerable to Arbitrary Argument Injection via the kubectlgeneric tool. An attacker can obtain sensitive authentication tokens by injecting malicious flags in ...

8.7CVSS5.5AI score0.00267EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/05 10:17 a.m.9 views

Arbitrary Argument Injection

Overview ansible-core is an a radically simple IT automation system. It handles configuration management, application deployment, cloud provisioning, ad-hoc task execution, network automation, and multi-node orchestration. Ansible makes complex changes like zero-downtime rolling updates with load...

8.4CVSS6.5AI score0.00156EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/05 8:21 a.m.7 views

CVE-2026-11332 Ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution

A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...

7.8CVSS6.1AI score0.00156EPSS
Exploits0References3
CVE
CVE
added 2026/06/05 8:21 a.m.62 views

CVE-2026-11332

CVE-2026-11332 affects ansible-core via the ansible-galaxy role install command. The vulnerability arises when processing a role’s meta/requirements.yml, where improper neutralization of argument delimiters allows a malicious role author to inject arbitrary git configuration flags through the src...

7.8CVSS6.1AI score0.00156EPSS
Exploits0References4
CVE
CVE
added 2026/06/04 5:39 p.m.25 views

CVE-2025-71316

CVE-2025-71316 affects SQLite sqldiff.exe and is due to insecure handling of Unicode-to-ANSI conversion in the Windows C runtime. An attacker could use the -L option to load an arbitrary DLL by crafting a command line argument string, causing command line file arguments to be misinterpreted as op...

9.8CVSS5.9AI score0.00384EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/04 5:39 p.m.28 views

CVE-2025-71316 SQLite sqldiff remote code execution via argument injection

SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being...

9.8CVSS5.6AI score0.00384EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/04 5:39 p.m.31 views

CVE-2025-71316 SQLite sqldiff remote code execution via argument injection

SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being...

9.8CVSS0.00384EPSS
Exploits0References5
ICS
ICS
added 2026/06/04 2:10 p.m.13 views

SQLite sqldiff remote code execution via argument injection

RISK EVALUATION An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being misinterpreted as command line options. 2. RECOMMENDED PRACTICES Fixed on 2025-12-26. 3. DESCRIPTION SQLite 'sqldiff.exe'...

9.8CVSS5.6AI score0.00384EPSS
Exploits0References1
Rows per page
Query Builder