Lucene search
K

174 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-27687

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00499EPSS
Exploits0References1
CNVD
CNVD
added 2025/09/11 12:0 a.m.2 views

Fortinet FortiDDoS-F Operating System Command Injection Vulnerability

Fortinet FortiDDoS-F is a distributed denial-of-service protection system from the U.S. company Fiat Fortinet. Fortinet FortiDDoS-F suffers from an operating system command injection vulnerability that stems from improper neutralization of special elements, which can be exploited by an attacker t...

6.7CVSS8.2AI score0.00479EPSS
Exploits0References1
CVE
CVE
added 2025/08/29 5:16 p.m.19 views

CVE-2025-30274

CVE-2025-30274 describes a NULL pointer dereference in QNAP QTS and QuTS hero that can lead to a denial-of-service. Multiple sources (NVD, Red Hat, CNVD, OpenVAS, CIRCL, etc.) confirm affected products and provide consistent remediation: upgrade to QTS 5.2.5.3145 build 20250526 or later, and QuTS...

6.5CVSS6.3AI score0.00289EPSS
Exploits0References1Affected Software1
IBM AIX
IBM AIX
added 2025/08/20 8:31 a.m.11 views

AIX/VIOS is affected by arbitrary code execution (CVE-2025-47273 CVE-2025-4330 CVE-2024-12718 CVE-2025-4138 CVE-2025-4517) due to Python

IBM SECURITY ADVISORY First Issued: Wed Aug 20 08:31:06 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/pythonadvisory16.asc Security Bulletin: AIX is affected by arbitrary code execution CVE-2025-47273, CVE-2025-4330,...

9.4CVSS7.5AI score0.01479EPSS
Exploits18
CNNVD
CNNVD
added 2025/08/12 12:0 a.m.4 views

Fortinet FortiWeb 操作系统命令注入漏洞

Fortinet FortiWeb is a Web application layer firewall from Fiat Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, and other attacks to secure Web applications and protect sensitive database content. Fortinet FortiWeb versions 7.6.0 throu...

6.7CVSS7.9AI score0.00462EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/10 3:32 a.m.9 views

CVE-2024-58256

EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution...

4.5CVSS7.4AI score0.00315EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/06 3:29 p.m.5 views

CVE-2025-30099

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an ...

7.8CVSS7.1AI score0.00432EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/04 2:32 p.m.3 views

CVE-2025-30096

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an ...

6.7CVSS7.6AI score0.00439EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/11 12:0 a.m.9 views

The vulnerability of Windows Event Tracing service allows attackers to enhance their privileges.

The vulnerability of Windows Event Tracing in operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS5.4AI score0.00352EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/06/20 12:0 a.m.6 views

The vulnerability of the UFS loader component of the Grub2 operating system, which allows a hacker to trigger a service failure

The vulnerability of the UFS loader component in operating systems like Grub relates to writing beyond the boundary. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.8CVSS6.7AI score0.00318EPSS
Exploits0References11Affected Software6
RedhatCVE
RedhatCVE
added 2025/05/23 7:30 a.m.4 views

CVE-2024-48866

An improper handling of URL encoding Hex Encoding vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to run the system into unexpected state. We have already fixed the vulnerability in the following...

2.3CVSS7AI score0.00431EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 6:49 a.m.8 views

CVE-2024-53691

A link following vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations. We have already fixed the vulnerability in the following...

8.8CVSS6.9AI score0.20112EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:41 a.m.8 views

CVE-2024-37045

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

5.1CVSS6.9AI score0.00574EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 6:41 a.m.8 views

CVE-2024-37044

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code. We have already fixed the vulnerability in the followin...

5.1CVSS7.4AI score0.0083EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 2:11 a.m.7 views

CVE-2023-30805

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands by sending a crafted HTTP POST request to the /LogInOut.php endpoint. This is due to mishandling ...

9.8CVSS9.8AI score0.65799EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:5 p.m.11 views

CVE-2020-16280

Multiple Rangee GmbH RangeeOS 8.0.4 modules store credentials in plaintext including credentials of users for several external facing administrative services, domain joined users, and local administrators. To exploit the vulnerability a local attacker must have access to the underlying operating...

5.5CVSS6.8AI score0.0026EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 1:26 p.m.9 views

CVE-2018-16721

In Jingyun Antivirus v2.4.2.39, the driver file ZySandbox.sys allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0x12360090, a related issue to CVE-2018-16306...

7.8CVSS7.2AI score0.00315EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/18 12:0 a.m.3 views

Huawei HarmonyOS Buffer Overflow Vulnerability Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a buffer overflow vulnerability that can be exploited by attackers to affect availability...

7.5CVSS7.6AI score0.00243EPSS
Exploits0References1
NVD
NVD
added 2025/04/13 12:15 a.m.27 views

CVE-2025-2814

Crypt::CBC versions between 1.21 and 3.05 for Perl may use the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. This issue affects operating systems where "/dev/urandom'" is unavailable. In that case, Crypt::CBC will fallback to...

4CVSS0.00176EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.4 views

Microsoft Lightweight Directory Access Protocol(LDAP) 资源管理错误漏洞

Microsoft Lightweight Directory Access Protocol LDAP is a directory services protocol from Microsoft Corporation USA that runs on a layer above the TCP/IP stack. A resource management error vulnerability exists in Microsoft Lightweight Directory Access Protocol LDAP. An attacker exploiting this...

8.1CVSS8.3AI score0.01834EPSS
Exploits0References2
Rows per page
Query Builder