
25169 matches found

Positive Technologies
added 2025/11/26 12:0 a.m. | 5 views

PT-2025-48189

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-657BRM version 1.00.1. Description: The TRENDnet TEW-657BRM device version 1.00.1 contains an authenticated remote OS command injection issue in the setup.cgi binary. An attacker can exploit this by manipulating the HTTP parameters...

CVSS 8 | AI score 8.3 | EPSS 0.07205
Exploits 1 | References 8
Tenable Nessus
added 2025/11/26 12:0 a.m. | 6 views

IBM DB2 Information Disclosure and Credential Exposure (7250484) (Unix)

According to its self-reported version number, IBM Db2 on Unix may be affected by a vulnerability: - IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server clpplus command exposes user credentials to the terminal...

CVSS 4.6 | AI score 6.5 | EPSS 0.00154
Exploits 0 | References 2
Tenable Nessus
added 2025/11/26 12:0 a.m. | 2 views

Photon OS 4.0: Linux PHSA-2025-4.0-0914

An update of the linux package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0914. The text itself is copyright (C) VMware, Inc. ...

CVSS 7.8 | AI score 6.8 | EPSS 0.00219
Exploits 0 | References 7
Snyk
added 2025/11/25 6:32 p.m. | 1 views

Arbitrary Code Injection

Overview: Affected versions of this package are vulnerable to Arbitrary Code Injection via the template management component in REDAXO CMS. An attacker can execute arbitrary operating system commands by injecting PHP code into an active template and triggering its execution when visitors access...

CVSS 8.6 | AI score 8.2 | EPSS 0.00794
Exploits 2 | References 2
NVD
added 2025/11/25 4:16 p.m. | 8 views

CVE-2025-64050

A Remote Code Execution (RCE) vulnerability in the template management component in REDAXO CMS 5.20.0 allows remote authenticated administrators to execute arbitrary operating system commands by injecting PHP code into an active template. The payload is executed when visitors access frontend pages...

CVSS 7.2 | EPSS 0.00794
Exploits 2 | References 3
ICS
added 2025/11/25 7:0 a.m. | 5 views

Zenitel TCIV-3+

RISK EVALUATION: Successful exploitation of these vulnerabilities could result in arbitrary code execution or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES: CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

CVSS 10 | AI score 8.4 | EPSS 0.02278
Exploits 0 | References 11
SUSE CVE
added 2025/11/25 12:50 a.m. | 4 views

SUSE CVE-2023-43000

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, Safari 16.6, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption...

CVSS 8.8 | AI score 7.5 | EPSS 0.03901
Exploits 1 | References 8
SUSE CVE
added 2025/11/25 12:25 a.m. | 3 views

SUSE CVE-2025-43430

This issue was addressed through improved state management. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

CVSS 4.3 | AI score 6.7 | EPSS 0.00956
Exploits 0 | References 10
SUSE CVE
added 2025/11/25 12:25 a.m. | 4 views

SUSE CVE-2025-43431

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to memory corruption...

CVSS 7.1 | AI score 6.9 | EPSS 0.00752
Exploits 0 | References 10
SUSE CVE
added 2025/11/25 12:25 a.m. | 5 views

SUSE CVE-2025-43480

The issue was addressed with improved checks. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious website may exfiltrate data cross-origin...

CVSS 6.5 | AI score 6.9 | EPSS 0.00432
Exploits 0 | References 8
Positive Technologies
added 2025/11/25 12:0 a.m. | 3 views

PT-2025-48168

Name of the Vulnerable Software and Affected Versions: Zenitel TCIV-3+ (affected versions not specified). Description: An OS command injection issue arises from insufficient validation of user-provided input. The validation process does not adequately enforce formatting rules, potentially allowing...

CVSS 10 | AI score 7.5 | EPSS 0.02278
Exploits 0 | References 15
Positive Technologies
added 2025/11/25 12:0 a.m. | 2 views

PT-2025-48167

Name of the Vulnerable Software and Affected Versions: Zenitel TCIV-3+ (affected versions not specified). Description: An OS command injection issue arises from inadequate sanitization of user-provided input. The application processes parameters without sufficient validation before incorporating them...

CVSS 10 | AI score 7.5 | EPSS 0.02278
Exploits 0 | References 13
Tenable Nessus
added 2025/11/25 12:0 a.m. | 7 views

Photon OS 4.0: Openssh PHSA-2025-4.0-0911

An update of the openssh package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0911. The text itself is copyright (C) VMware, Inc. ...

CVSS 3.6 | AI score 6.3 | EPSS 0.00221
Exploits 2 | References 3
Nvidia
added 2025/11/25 12:0 a.m. | 20 views

Security Bulletin: NVIDIA DGX Spark - November 2025

NVIDIA has released a software update for NVIDIA DGX Spark. To protect your system, download and install the latest version of NVIDIA DGX OS from the NVIDIA DGX site. Go to NVIDIA Product Security...

CVSS 9.3 | AI score 7 | EPSS 0.00156
Exploits 0 | Affected Software 1
Tenable Nessus
added 2025/11/25 12:0 a.m. | 3 views

Photon OS 5.0: Gdb PHSA-2025-5.0-0648

An update of the gdb package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0648. The text itself is copyright (C) VMware, Inc. ...

CVSS 5.5 | AI score 5.7 | EPSS 0.00289
Exploits 1 | References 2
Tenable Nessus
added 2025/11/25 12:0 a.m. | 3 views

Photon OS 5.0: Python3 PHSA-2025-5.0-0628

An update of the python3 package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0628. The text itself is copyright (C) VMware, Inc. ...

CVSS 6.1 | AI score 7.8 | EPSS 0.02782
Exploits 2 | References 4
Tenable Nessus
added 2025/11/25 12:0 a.m. | 3 views

Photon OS 5.0: Openssh PHSA-2025-5.0-0687

An update of the openssh package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0687. The text itself is copyright (C) VMware, Inc. ...

CVSS 3.6 | AI score 6.3 | EPSS 0.00221
Exploits 2 | References 3
Photon
added 2025/11/25 12:0 a.m. | 5 views

Important Photon OS Security Update - PHSA-2025-5.0-0690

Updates of 'linux-esx', 'squid', 'linux' packages of Photon OS have been released...

CVSS 10 | AI score 6.6 | EPSS 0.6332
Exploits 2
Tenable Nessus
added 2025/11/25 12:0 a.m. | 2 views

Photon OS 4.0: Python3 PHSA-2025-4.0-0912

An update of the python3 package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0912. The text itself is copyright (C) VMware, Inc. ...

CVSS 6.1 | AI score 6.5 | EPSS 0.004
Exploits 1 | References 2
GithubExploit
added 2025/11/24 10:48 p.m. | 148 views

Exploit for OS Command Injection in Fortinet Fortiweb

OS Command Injection Vulnerability in Fortinet FortiWeb CVE-2...

CVSS 7.2 | AI score 7.8 | EPSS 0.54376
Exploits 9