Lucene search
K

9 matches found

NVD
NVD
added 9 hours ago6 views

CVE-2026-40047

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Apache Camel Docling component. The camel-docling component invokes the external docling command-line tool by assembling an argument list in DoclingProducer and executing it through...

Exploits0References2
Cvelist
Cvelist
added 11 hours ago6 views

CVE-2026-40047 Apache Camel: Camel-Docling: Insufficient validation of custom CLI arguments enables argument injection and path traversal in DoclingProducer

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Apache Camel Docling component. The camel-docling component invokes the external docling command-line tool by assembling an argument list in DoclingProducer and executing it through...

Exploits0References1
EUVD
EUVD
added 11 hours ago3 views

EUVD-2026-41823

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Apache Camel Docling component. The camel-docling component invokes the external docling command-line tool by assembling an argument list in DoclingProducer and executing it through...

5.9AI score
Exploits0References1
CVE
CVE
added 11 hours ago8 views

CVE-2026-40047

CVE-2026-40047 affects Apache Camel Camel-Docling: insufficient validation of custom CLI arguments in DoclingProducer allowed argument injection and directory traversal via CamelDoclingCustomArguments and related path headers. The issue arises from relying on a denylist and simple '../' checks, e...

5.9AI score
Exploits0References2
OSV
OSV
added 2024/06/13 5:15 p.m.5 views

CVE-2024-38279

The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password hashes...

4.6CVSS5.8AI score0.00252EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/13 12:0 a.m.7 views

PT-2024-27917 · Motorola Solutions +1 · Vigilant Fixed Lpr Coms Box +2

Name of the Vulnerable Software and Affected Versions: Affected product affected versions not specified Description: The issue allows an attacker to modify the bootloader by using custom arguments to bypass authentication, gaining access to the file system and obtaining password hashes...

5.1CVSS7.1AI score0.00252EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.4 views

PT-2022-27287 · Siemens · Simatic Wincc

Name of the Vulnerable Software and Affected Versions: SIMATIC WinCC OA versions prior to V3.15 P038 SIMATIC WinCC OA versions prior to V3.16 P035 SIMATIC WinCC OA versions prior to V3.17 P024 SIMATIC WinCC OA versions prior to V3.18 P014 Description: A vulnerability allows injecting custom...

5.4CVSS5.4AI score0.00532EPSS
Exploits0References2
CVE
CVE
added 2022/12/13 12:0 a.m.62 views

CVE-2022-44731

The CVE-2022-44731 vulnerability affects Siemens SIMATIC WinCC OA Ultralight Client. The Ultralight Client backend can be injected with custom arguments under certain conditions when started via the web interface, enabling an authenticated remote attacker to inject parameters (e.g., open attacker...

5.4CVSS5.3AI score0.00532EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2018/10/05 2:0 p.m.10 views

CVE-2018-0477 Cisco IOS XE Software Command Injection Vulnerabilities

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected software improperly sanitizes command arguments, faili...

7.7AI score0.00492EPSS
Exploits0References2
Rows per page
Query Builder