Lucene search
+L

341 matches found

OSV
OSV
added 2025/05/25 12:17 p.m.4 views

MAL-2025-4424 Malicious code in @cat-ecom/pcc-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 96cbe81d68d4bf1046012598de37b5dcef6f28b3ce01653ab29b3405b359d30e The OpenSSF Package Analysis project identified '@cat-ecom/pcc-components' @ 99.99.99 npm as malicious. It is considered malicious because: - Th...

7.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 10:46 a.m.8 views

CVE-2024-48631

D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...

8CVSS8.7AI score0.02083EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:44 a.m.7 views

CVE-2024-21821

Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands...

8CVSS7.5AI score0.00446EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:5 a.m.9 views

CVE-2024-51254

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the signcacertificate function...

8.8CVSS7.7AI score0.00414EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:52 a.m.12 views

CVE-2023-33486

TOTOLINK X5000R V9.1.0u.6118B20201102 and V9.1.0u.6369B20230113 contain a command insertion vulnerability in setOpModeCfg. This vulnerability allows an attacker to execute arbitrary commands through the "hostName" parameter...

9.8CVSS7.8AI score0.01409EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:10 p.m.6 views

CVE-2021-38611

A command-injection vulnerability in the Image Upload function of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to execute arbitrary commands, as root, via shell metacharacters in the filename parameter to assets/index.php...

10CVSS7.6AI score0.01935EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:9 p.m.6 views

CVE-2021-21308

PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 the soft logout system is not complete and an attacker is able to foreign request and executes customer commands. The problem is fixed in 1.7.7.2...

9.1CVSS6.7AI score0.01049EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:20 a.m.17 views

CVE-2019-15343

The Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.8. This app contains an exported service named...

7.8CVSS7.1AI score0.00387EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/07 12:24 a.m.16 views

CVE-2025-26241

A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket =1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topicid" URL parameters combination...

6.5CVSS8.5AI score0.00242EPSS
Exploits1References1
CVE
CVE
added 2025/05/01 12:0 a.m.64 views

CVE-2025-44839

CVE-2025-44839 affects TOTOLINK CA600-PoE (V5.3c.6665_B20180820). The CloudSrvUserdataVersionCheck function is vulnerable to command injection via the magicid parameter, allowing arbitrary commands through a crafted request. Root cause: insufficient filtering of constructed command characters in ...

6.5CVSS8.3AI score0.00903EPSS
Exploits1References1Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/30 1:30 a.m.5 views

Malicious code in rippling-marketing-site (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 33a7126a0a4c766d46bba75737e5f330267038f14b6006030e92fc55e076d658 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/26 2:35 a.m.3 views

Malicious code in bagayaluzqdl159 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7811a14ef94ae6d98abe542d9f5c3d933e30c3a7d85a4f5fe707e102acbb6f2d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/14 4:11 p.m.5 views

Malicious code in cryptomus-aurora-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware db5768718bc2c708ec27865d8e381f97ca5fb81b191a946bc786bb0350aaec26 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/03/13 5:37 p.m.5 views

MAL-2025-2342 Malicious code in foundry-js-react-blueprint (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 003370478f168f2d57cb08caf6214ba25adf57eaefa736fc7460dd4550ee09c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
OSV
OSV
added 2025/03/12 10:49 a.m.4 views

MAL-2025-2338 Malicious code in malwaretest (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 397437468f634806853b4f3a7f82626c63224cb1d7f173af2aa530d126540ea9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/11 2:55 a.m.5 views

Malicious code in limit-order-validation (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7ad6cba9faf323fb0ffae19f703ba40944f39673b2e8803037d19ff0990671f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2022-24803

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Asciidoctor-include-ext is Asciidoctor's standard include processor reimplemented as an extension. Versions prior to 0.4.0, when used to render user-supplied...

10CVSS7.3AI score0.02719EPSS
Exploits1References3
OSV
OSV
added 2025/03/04 6:9 p.m.2 views

MAL-2025-2074 Malicious code in adminauthserv-paypal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f01fbeb3da8a3ec0a1c93f3ff5431e6be6693f2a2e13482834637f2b73e99d13 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
OSV
OSV
added 2025/03/04 2:16 a.m.4 views

MAL-2025-2062 Malicious code in learning-kotlin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5560da3fe5e63bf7da20ae1cd458fd7999e279367f07227ce8a6019ca497dc87 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
OSV
OSV
added 2025/02/21 9:3 p.m.5 views

MAL-2025-1515 Malicious code in @starkgate-v2/web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fd18cb51b9bfc804c264ad648ce51fda4711022cb95ee99b35e70739222662ed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
Rows per page
Query Builder