Lucene search

25207 matches found

RedhatCVE
added 2025/11/17 5:3 p.m. | 2 views

CVE-2025-13193

A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability. Mitigation: Mitigation for this issue is either...

CVSS 5.5 | AI score 5.5 | EPSS 0.00104
Exploits 0 | References 3
NVD
added 2025/11/17 4:15 a.m. | 7 views

CVE-2025-13284

ThinPLUS developed by ThinPLUS has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server...

CVSS 9.8 | EPSS 0.01619
Exploits 0 | References 2
Vulnrichment
added 2025/11/17 3:37 a.m. | 3 views

CVE-2025-13284 ThinPLUS|ThinPLUS - OS Command Injection

ThinPLUS developed by ThinPLUS has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server...

CVSS 9.8 | AI score 7.5 | EPSS 0.01619
Exploits 0 | References 2
EUVD
added 2025/11/17 3:37 a.m. | 5 views

EUVD-2025-197757

ThinPLUS developed by ThinPLUS has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server...

CVSS 9.8 | AI score 7.4 | EPSS 0.01619
Exploits 0 | References 3
OpenVAS
added 2025/11/17 12:0 a.m. | 4 views

Mozilla Thunderbird Security Update (mfsa_2025-90) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:mozilla:thunderbird";...

CVSS 9.8 | AI score 7.2 | EPSS 0.0041
Exploits 0 | References 1
CNNVD
added 2025/11/17 12:0 a.m. | 4 views

Maxum Rumpus FTP Server OS Command Injection Vulnerability

Maxum Rumpus FTP Server is an FTP server software from Maxum. An operating system command injection vulnerability exists in Maxum Rumpus FTP Server version 9.0.12, which stems from improper neutralization of a special element and can lead to OS command injection...

CVSS 9.8 | AI score 7.5 | EPSS 0.00743
Exploits 0 | References 1
Positive Technologies
added 2025/11/17 12:0 a.m. | 8 views

PT-2025-47179

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined; affected versions not specified. Description: The software contains a flaw related to improper neutralization of special elements used in an OS command, potentially leading to OS command injection. This iss...

CVSS 6.8 | AI score 7 | EPSS 0.00743
Exploits 0 | References 4
RedhatCVE
added 2025/11/15 4:28 p.m. | 10 views

CVE-2025-8870

On affected platforms running Arista EOS, certain serial console input might result in an unexpected reload of the device.153...

CVSS 5.6 | AI score 6.9 | EPSS 0.00145
Exploits 0 | References 1
Tenable Nessus
added 2025/11/15 12:0 a.m. | 3 views

Photon OS 5.0: Linux PHSA-2025-5.0-0679

An update of the linux package has been released. %NASL_MIN_LEVEL 80900 (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0679. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description)...

CVSS 7.1 | AI score 7.6 | EPSS 0.00156
Exploits 0 | References 2
Tenable Nessus
added 2025/11/15 12:0 a.m. | 3 views

Photon OS 5.0: Samba PHSA-2025-5.0-0648

An update of the samba package has been released. %NASL_MIN_LEVEL 80900 (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0648. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description)...

CVSS 10 | AI score 7 | EPSS 0.39677
Exploits 2 | References 2
RedhatCVE
added 2025/11/14 10:1 p.m. | 6 views

CVE-2025-36251

IBM AIX 7.2 and 7.3 and IBM VIOS 3.1 and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in CVE-2024-56347...

CVSS 9.8 | AI score 7.4 | EPSS 0.00858
Exploits 0 | References 1
RedhatCVE
added 2025/11/14 7:2 p.m. | 12 views

CVE-2025-13123

A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/getfirstdate.php. Executing manipulation of the argument uid can lead to SQL injection. It is possible to launch the attack remotely. The exploit has been...

CVSS 9.8 | AI score 6.8 | EPSS 0.00296
Exploits 1 | References 1
Cvelist
added 2025/11/14 5:15 a.m. | 7 views

CVE-2025-64444

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in NCP-HG100 1.4.48.16 and earlier. If exploited, a remote attacker who has obtained the authentication information to log in to the management page of the product may execute an arbitrary OS...

CVSS 8.6 | EPSS 0.01124
Exploits 0 | References 2
EUVD
added 2025/11/14 12:30 a.m. | 7 views

EUVD-2025-180541

IBM AIX 7.2 and 7.3 and IBM VIOS 3.1 and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in CVE-2024-56347...

CVSS 9.6 | AI score 6.9 | EPSS 0.00858
Exploits 0 | References 2
Positive Technologies
added 2025/11/14 12:0 a.m. | 7 views

PT-2025-46941

Name of the Vulnerable Software and Affected Versions: NCP-HG100 versions 1.4.48.16 and earlier. Description: An issue exists where special elements are not properly neutralized when used in operating system commands, potentially leading to OS Command Injection. A remote attacker who has valid...

CVSS 8.6 | AI score 7.7 | EPSS 0.01124
Exploits 0 | References 7
Positive Technologies
added 2025/11/14 12:0 a.m. | 6 views

PT-2025-46974

Name of the Vulnerable Software and Affected Versions: Arista EOS (affected versions not specified). Description: Certain serial console input on affected platforms running Arista EOS may cause an unexpected reload of the device. Recommendations: At the moment, there is no information about a newer...

CVSS 5.6 | AI score 6.5 | EPSS 0.00145
Exploits 0 | References 5
CNNVD
added 2025/11/14 12:0 a.m. | 5 views

Arista EOS Security Vulnerability

Arista EOS is a fully programmable, highly modular, Linux-based network operating system from Arista USA. A security vulnerability exists in Arista EOS that stems from improper handling of serial console inputs, which could result in an unexpected reboot of the device...

CVSS 5.6 | AI score 6.7 | EPSS 0.00145
Exploits 0 | References 1
CNVD
added 2025/11/14 12:0 a.m. | 3 views

Unspecified Vulnerability in AXIS OS

AXIS OS is an edge device operating system from Axis Sweden. AXIS OS suffers from a security vulnerability that stems from a third-party component exposing passwords in process parameters, which can be exploited by an attacker to cause low-privilege user access...

CVSS 6 | AI score 6.9 | EPSS 0.00096
Exploits 0 | References 1
NVD
added 2025/11/13 10:15 p.m. | 10 views

CVE-2025-36251

IBM AIX 7.2 and 7.3 and IBM VIOS 3.1 and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in CVE-2024-56347...

CVSS 9.8 | EPSS 0.00498
Exploits 0 | References 1
OSV
added 2025/11/13 10:15 p.m. | 4 views

CVE-2025-36096

IBM AIX 7.2 and 7.3 and IBM VIOS 3.1 and 4.1 store NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques...

CVSS 8.1 | AI score 5.8 | EPSS 0.00264
Exploits 0 | References 1