Lucene search
K

25396 matches found

OSV
OSV
added yesterday5 views

ROOT-OS-DEBIAN-12-CVE-2026-41080 CVE-2026-41080 in rootio-expat - Patched by Root

Root has patched CVE-2026-41080 in the rootio-expat package for Root:Debian:12. Multiple fixed versions available...

3.7CVSS5.4AI score0.00379EPSS
Exploits0
Nuclei
Nuclei
added yesterday80 views

sar2html <=3.2.2 Plot Parameter - Remote Code Execution

sar2html version 3.2.2 and prior contains an OS command injection vulnerability in the plot parameter of index.php. A remote, unauthenticated attacker can append shell metacharacters to the plot parameter and execute arbitrary operating system commands. id: CVE-2025-34030 info: name: sar2html...

10CVSS7.2AI score0.60635EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday51 views

Lawo AG vsm LTC Time Sync (vTimeSync) - Path Traversal

The web server of Lawo AG vsm LTC Time Sync vTimeSync is affected by a "..." triple dot path traversal vulnerability. By sending a specially crafted HTTP request, an unauthenticated remote attacker could download arbitrary files from the operating system. As a limitation, the exploitation is only...

7.5CVSS7.1AI score0.04325EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday17 views

Web-Check < 2.0.1 Screenshot API - OS Command Injection

Lissy93/web-check contains a command injection caused by unsanitized user input in the screenshot API, letting attackers execute arbitrary system commands, exploit requires sending crafted url parameters. id: CVE-2025-32778 info: name: Web-Check 2.0.1 Screenshot API - OS Command Injection author:...

9.3CVSS6.3AI score0.19761EPSS
Exploits4References4
Metasploit
Metasploit
added 4 days ago17 views

FTP Fetch, Windows Meterpreter Shell, Reverse HTTPS Inline (x64)

Fetch and execute an x64 payload from an FTP server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/ftp/x64/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago16 views

FTP Fetch, Windows Meterpreter Shell, Reverse HTTPS Inline

Fetch and execute an x86 payload from an FTP server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/ftp/x86/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago21 views

FTP Fetch, Windows Meterpreter Shell, Bind Named Pipe Inline

Fetch and execute an x86 payload from an FTP server. Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/ftp/x86/meterpreterbindnamedpipe msf payloadmeterpreterbindnamedpipe show actions ...actions... msf...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago16 views

FTP Fetch, Windows Meterpreter Shell, Reverse HTTP Inline

Fetch and execute an x86 payload from an FTP server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/ftp/x86/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago23 views

FTP Fetch, Windows Meterpreter Shell, Reverse TCP Inline x64

Fetch and execute an x64 payload from an FTP server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/ftp/x64/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf...

6.2AI score
Exploits0
NVD
NVD
added 4 days ago7 views

CVE-2026-56688

Dell PowerFlex Manager, Version prior to 5.1.0.1, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability during OS Repository processing to achie...

9.1CVSS0.01285EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago5 views

CVE-2026-56688

Dell PowerFlex Manager, Version prior to 5.1.0.1, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability during OS Repository processing to achie...

9.1CVSS6.3AI score0.01285EPSS
Exploits0References2
NVD
NVD
added 4 days ago8 views

CVE-2026-41880

R-SOFT DMS is vulnerable to OS Command Injection in the Optical Character Recognition OCR module. Multiple command execution functions accept user-controllable file paths without proper sanitization before passing them to the system shell via SSH. In current infrastructure the URL encoding...

9CVSS0.01331EPSS
Exploits0References1
NVD
NVD
added 4 days ago8 views

CVE-2026-41876

R-SOFT DMS is vulnerable to OS Command Injection in konwertujAction function. The document converter executes shell commands using unsanitized file paths and format parameters. This allows an authenticated attacker to execute arbitrary system commands with the privileges of the web server user...

8.7CVSS0.01228EPSS
Exploits0References1
OSV
OSV
added 4 days ago6 views

ROOT-OS-DEBIAN-12-CVE-2026-5773 CVE-2026-5773 in rootio-curl - Patched by Root

Root has patched CVE-2026-5773 in the rootio-curl package for Root:Debian:12. Multiple fixed versions available...

6.5CVSS5.8AI score0.00549EPSS
Exploits1
Cvelist
Cvelist
added 4 days ago29 views

CVE-2026-41880 OS Command Injection in R-SOFT DMS

R-SOFT DMS is vulnerable to OS Command Injection in the Optical Character Recognition OCR module. Multiple command execution functions accept user-controllable file paths without proper sanitization before passing them to the system shell via SSH. In current infrastructure the URL encoding...

9CVSS0.01331EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-41876

R-SOFT DMS is vulnerable to OS Command Injection in konwertujAction function. The document converter executes shell commands using unsanitized file paths and format parameters. This allows an authenticated attacker to execute arbitrary system commands with the privileges of the web server user...

8.7CVSS6.3AI score0.01228EPSS
Exploits0References2
Wolfi
Wolfi
added 4 days ago7 views

CVE-2026-14052 vulnerabilities

Vulnerabilities for packages: chromium...

4.3CVSS6.1AI score0.00221EPSS
Exploits0
Wolfi
Wolfi
added 4 days ago5 views

GHSA-X454-5847-5CWH vulnerabilities

Vulnerabilities for packages: chromium...

6.1AI score
Exploits0
Wolfi
Wolfi
added 4 days ago6 views

GHSA-VRWX-R2MM-M3QM vulnerabilities

Vulnerabilities for packages: chromium...

6.1AI score
Exploits0
Wolfi
Wolfi
added 4 days ago6 views

GHSA-2FJR-R86H-FPW3 vulnerabilities

Vulnerabilities for packages: chromium...

6.1AI score
Exploits0
Rows per page
Query Builder