25205 matches found
EUVD-2025-198085
A vulnerability in the command line interface of affected devices could allow an authenticated remote attacker to conduct a command injection attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system...
EUVD-2025-198069
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...
CVE-2025-37162
A vulnerability in the command line interface of affected devices could allow an authenticated remote attacker to conduct a command injection attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system...
CVE-2025-37162 Authenticated Command Injection Vulnerability Leading to Arbitrary Remote Command Execution
A vulnerability in the command line interface of affected devices could allow an authenticated remote attacker to conduct a command injection attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system...
CVE-2025-37162 Authenticated Command Injection Vulnerability Leading to Arbitrary Remote Command Execution
A vulnerability in the command line interface of affected devices could allow an authenticated remote attacker to conduct a command injection attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system...
CVE-2025-37163
A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking Airwave Platform. An authenticated attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges on the underlying operating system...
CVE-2025-37158
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...
CVE-2025-37157
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...
CVE-2025-37163 Authenticated Command Injection Vulnerability in HPE Aruba Networking Management Software (AirWave) CLI
A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking Airwave Platform. An authenticated attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges on the underlying operating system...
CVE-2025-37163 Authenticated Command Injection Vulnerability in HPE Aruba Networking Management Software (AirWave) CLI
A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking Airwave Platform. An authenticated attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges on the underlying operating system...
CVE-2025-37158 Authenticated Command Injection allows Unauthorized Command Execution in AOS-CX
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...
CVE-2025-37157 Authenticated Command Injection allows Unauthorized Command Execution in AOS-CX
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...
CVE-2025-63408
Local Agent DVR versions thru 6.6.1.0 are vulnerable to directory traversal that allows an unauthenticated local attacker to gain access to sensitive information, cause a server-side forgery request SSRF, or execute OS commands...
CVE-2025-55179
Incomplete validation of rich response messages in WhatsApp for iOS prior to v2.25.23.73, WhatsApp Business for iOS v2.25.23.82, and WhatsApp for Mac v2.25.23.83 could have allowed a user to trigger processing of media content from an arbitrary URL on another user’s device. We have not seen...
CVE-2025-8404
CVE-2025-8404 describes a stack buffer overflow in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC can trigger a crafted header to overflow a stack and achieve arbitrary code execution on the BMC firmware OS. The issue is assessed with CVSS 3.1: Network attack ...
EUVD-2025-197951
Stack-based buffer overflow in the SMASH-CLP shell. An authenticated attacker with SSH access to the BMC can exploit a stack buffer overflow via a crafted SMASH command, overwrite the return address and registers, and achieve arbitrary code execution on the BMC firmware operating system...
CVE-2025-7623 Supermicro BMC SMASH services has a Stack-based buffer overflow vulnerability
Stack-based buffer overflow in the SMASH-CLP shell. An authenticated attacker with SSH access to the BMC can exploit a stack buffer overflow via a crafted SMASH command, overwrite the return address and registers, and achieve arbitrary code execution on the BMC firmware operating system...
CVE-2025-60022
Improper certificate validation vulnerability exists in 'デジラアプリ' App for iOS prior to ver.80.10.00. If this vulnerability is exploited, a man-in-the-middle attack may allow an attacker to eavesdrop on and/or tamper with an encrypted communication...
CVE-2025-8693
A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50ABVY.6.3C0 and earlier could allow an authenticated attacker to execute operating system OS commands on an affected device...
CVE-2025-8693
Zyxel DX3300-T0 firmware versions prior to 5.50(ABVY.6.3)C0 are affected by a post-authentication command-injection vulnerability in the priv parameter that could allow an authenticated attacker to execute OS commands. The PT-2025-47237 entry confirms the affected firmware range and the impact. R...