CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

238 matches found

Positive Technologies•added 2026/04/20 12:0 a.m.•2 views

PT-2026-33763

Name of the Vulnerable Software and Affected Versions Progress ADC Products affected versions not specified Description Two separate issues allow authenticated attackers to execute arbitrary commands on the LoadMaster appliance. The first involves OS command injection via the 'aclcontrol' command...

9.3CVSS6.2AI score0.03371EPSS

Exploits4References4

Positive Technologies•added 2026/04/20 12:0 a.m.•2 views

PT-2026-33766

Name of the Vulnerable Software and Affected Versions Progress ADC Products affected versions not specified Description An OS Command Injection flaw in the user interface allows an authenticated attacker with "All" permissions to execute arbitrary commands on the LoadMaster appliance. This occurs...

9.3CVSS6.2AI score0.03371EPSS

Exploits4References3

CNNVD•added 2026/04/20 12:0 a.m.•4 views

Progress LoadMaster 安全漏洞

Progress LoadMaster is a high-performance application delivery controller ADC and load balancer developed by the American company Progress. There is a security vulnerability in Progress LoadMaster, which stems from uncleaned input for the killsession command. This vulnerability could allow...

8.4CVSS7.6AI score0.00201EPSS

Exploits0References2

Positive Technologies•added 2026/04/20 12:0 a.m.•0 views

PT-2026-33761

Name of the Vulnerable Software and Affected Versions Progress ADC LoadMaster affected versions not specified Description An OS command injection flaw in the API allows an authenticated attacker with Geo Administration permissions to execute arbitrary commands on the appliance. This is possible d...

8.4CVSS6.3AI score0.00273EPSS

Exploits3References9

Zero Day Initiative•added 2026/02/02 12:0 a.m.•1 views

Progress Software Kemp LoadMaster delapikey OS Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of user data passed to the delapikey command. The issue resul...

6.8CVSS6.2AI score0.00156EPSS

Exploits0References1

Zero Day Initiative•added 2026/02/02 12:0 a.m.•2 views

Progress Software Kemp LoadMaster listapikeys Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of user data passed to the listapikeys command. The...

6.4CVSS6.2AI score0.00156EPSS

Exploits0References1

Zero Day Initiative•added 2026/02/02 12:0 a.m.•3 views

Progress Software Kemp LoadMaster addapikey Command Injection Remote Code Execution Vulnerability

6.4CVSS6.2AI score0.00156EPSS

Exploits0References1

Zero Day Initiative•added 2026/02/02 12:0 a.m.•1 views

Progress Software Kemp LoadMaster getcipherset Command Injection Remote Code Execution Vulnerability

7.1CVSS6.2AI score0.0005EPSS

Exploits0References1

Zero Day Initiative•added 2026/02/02 12:0 a.m.•2 views

Progress Software Kemp LoadMaster delcert Command Injection Remote Code Execution Vulnerability

7.1CVSS6.2AI score0.00156EPSS

Exploits0References1

RedhatCVE•added 2026/01/14 3:31 p.m.•4 views

CVE-2025-13444

OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker with “User Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the API input parameters...

8.4CVSS8.2AI score0.0005EPSS

Exploits0References1

RedhatCVE•added 2026/01/14 3:30 p.m.•1 views

CVE-2025-13447

8.4CVSS8.2AI score0.00156EPSS

Exploits0References1

NVD•added 2026/01/13 3:15 p.m.•5 views

CVE-2025-13447

8.4CVSS0.00156EPSS

Exploits0References4

OSV•added 2026/01/13 3:15 p.m.•0 views

CVE-2025-13447

6.8CVSS6.2AI score0.00156EPSS

Exploits0References4

NVD•added 2026/01/13 3:15 p.m.•3 views

CVE-2025-13444

8.4CVSS0.0005EPSS

Exploits0References4

OSV•added 2026/01/13 3:15 p.m.•2 views

CVE-2025-13444

6.8CVSS6.2AI score0.00156EPSS

Exploits0References4

Vulnrichment•added 2026/01/13 2:31 p.m.•2 views

CVE-2025-13447 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster

8.4CVSS7.7AI score0.00156EPSS

Exploits0References4

Cvelist•added 2026/01/13 2:31 p.m.•16 views

CVE-2025-13447 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster

8.4CVSS0.00156EPSS

Exploits0References4

EUVD•added 2026/01/13 2:31 p.m.•3 views

EUVD-2026-2346

8.4CVSS7.6AI score0.00156EPSS

Exploits0References5

CVE•added 2026/01/13 2:31 p.m.•11 views

CVE-2025-13447

CVE-2025-13447 corresponds to a remote code execution via OS Command Injection in Progress LoadMaster API. The connected ZDI advisories detail multiple command-injection flaws (delapikey, delcert, listapikeys, addapikey, getcipherset) that allow authenticated network-adjacent attackers to execute...

8.4CVSS7.7AI score0.00156EPSS

Exploits0References4Affected Software5

Vulnrichment•added 2026/01/13 2:26 p.m.•1 views

CVE-2025-13444 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster

8.4CVSS7.7AI score0.0005EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by