
19628 matches found

Tenable Nessus
added 2024/08/23 12:0 a.m. · 26 views

Acronis Cyber Infrastructure 5.1.x < 5.1.1-71 / 5.2.x < 5.2.1-69 / 5.3.x < 5.3.1-53 / 5.4.x < 5.4.4-132 / < 5.0.1-61 (SEC-6452)

The version of Acronis Cyber Infrastructure installed on the remote host is prior to 5.0.1-61, 5.1.1-71, 5.2.1-69, 5.3.1-53, or 5.4.4-132. It is, therefore, affected by a vulnerability as referenced in the SEC-6452 advisory. - Remote command execution due to use of default passwords. The followin...

CVSS 9.8 · AI score 8.8 · EPSS 0.53535
Exploits: 3 · References: 2

OSV
added 2024/08/22 8:15 p.m. · 2 views

CVE-2024-8077

A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862B20230228. It has been classified as critical. This affects the function setTracerouteCfg. The manipulation leads to os command injection. It is possible to initiate the attack remotely. NOTE: The vendor was contacted early about this...

CVSS 9.8 · AI score 5.5 · EPSS 0.02949
Exploits: 1 · References: 4

CNVD
added 2024/08/22 12:0 a.m. · 6 views

Remote Command Execution Vulnerability in H2 Component of e-cology Product of Panmicro Networks Technology Co.

e-cology is a new and efficient collaborative office system created by Panavision for medium and large organizations. A remote command execution vulnerability exists in the H2 component of the e-cology product of Panmicro Networks Technology Co. The vulnerability allows obtaining an administrator...

AI score 8.1
Exploits: 0

Positive Technologies
added 2024/08/21 12:0 a.m. · 5 views

PT-2024-6664 · D Link · D-Link Di-8100

Name of the Vulnerable Software and Affected Versions: D-Link DI-8100G version 17.12.20A1 Description: The issue is related to a command injection vulnerability via the sub47A60C function in the upgrade filter.asp file. This vulnerability is associated with the failure to neutralize special...

CVSS 9.8 · AI score 8.2 · EPSS 0.02891
Exploits: 1 · References: 10

Positive Technologies
added 2024/08/19 12:0 a.m. · 4 views

PT-2024-30174 · Trendnet · Trendnet Tew-752Dru

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-752DRU version 1.03B01 Description: The issue is due to a lack of length verification for the service field in gena.cgi, leading to a buffer overflow. This can cause the remote target device to crash or allow attackers to execute...

CVSS 9.8 · AI score 8 · EPSS 0.00698
Exploits: 1 · References: 9

NVD
added 2024/08/18 4:15 p.m. · 27 views

CVE-2024-7907

A vulnerability, which was classified as critical, has been found in TOTOLINK X6000R 9.4.0cu.85220230719. This issue affects the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument rtLogServer leads to command injection. The attack may be initiated remotely. T...

CVSS 9.8 · EPSS 0.06239
Exploits: 1 · References: 4

Positive Technologies
added 2024/08/18 12:0 a.m. · 6 views

PT-2024-6467 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R version 9.4.0cu.852 20230719 Description: A critical issue has been found in the TOTOLINK X6000R, affecting the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument rtLogServer leads to...

CVSS 10 · AI score 7 · EPSS 0.06239
Exploits: 1 · References: 16

OSV
added 2024/08/17 2:15 p.m. · 1 views

CVE-2024-7896

A vulnerability was found in Tosei Online Store Management System ネット店舗管理システム 4.02/4.03/4.04. It has been rated as critical. Affected by this issue is some unknown functionality of the file /cgi-bin/p1ftpserver.php. The manipulation of the argument adrtxt leads to command injection. The attack ma...

CVSS 8.8 · AI score 5.6
Exploits: 0 · References: 4

Positive Technologies
added 2024/08/16 12:0 a.m. · 7 views

PT-2024-14840 · Undefined · Undefined

"Source": "CVE FEED", "Title": "CVE-2023-5888 - Apache Web Server Remote Command Execution Vulnerability", "Content": "CVE ID : CVE-2023-5888 Published : Aug. 16, 2024, 7:15 p.m. | 38 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-7246...

CVSS 5.4 · AI score 7.6 · EPSS 0.00813
Exploits: 2 · References: 2

Positive Technologies
added 2024/08/15 12:0 a.m. · 6 views

PT-2024-30218 · Tenda · Tenda Fh1201

Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14 Description: An issue in the handler function in "/goform/telnet" allows attackers to execute arbitrary commands via a crafted HTTP request. Recommendations: For Tenda FH1201 version 1.2.0.14, as a temporary...

CVSS 9.8 · AI score 7.5 · EPSS 0.0098
Exploits: 1 · References: 6

BDU FSTEC
added 2024/08/14 12:0 a.m. · 5 views

The export function of the graphical user interface of the artificial intelligence-based security threat detection software FortiAIOps is vulnerable, allowing a perpetrator to execute arbitrary commands.

The vulnerability of the export function of the graphical user interface of the artificial intelligence-based security threat detection software FortiAIOps relates to the absence of a mechanism to neutralize elements in the CSV file. Exploiting this vulnerability allows an attacker operating...

CVSS 5.5 · AI score 5.8 · EPSS 0.00437
Exploits: 0 · References: 3 · Affected Software: 1

Packet Storm
added 2024/08/12 12:0 a.m. · 188 views

Backdoor.Win32.Nightmare.25 MVID-2024-0687 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/0fe8f37543e8face08941899add38e35.txt Contact: [email protected] Media: x.com/malvuln Threat: Backdoor.Win32.Nightmare.25 Vulnerability: Unauthenticated Remote Command Execution Family:...

AI score 7.4
Exploits: 0

Positive Technologies
added 2024/08/11 12:0 a.m. · 5 views

PT-2024-38516

Name of the Vulnerable Software and Affected Versions TeamT5 ThreatSonar Anti-Ransomware versions through 3.4.5 Description ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. This allows remote attackers with administrator privileges on the product...

CVSS 7.2 · AI score 6.3 · EPSS 0.01807
Exploits: 0 · References: 33

OSSF Malicious Packages
added 2024/08/10 11:5 p.m. · 5 views

Malicious code in artifact-lab-3-package-34b21b63 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a814378a8188b464c5289007203c2b20c3ec2a0383ee18bd96e0f41ad44d7982 Packages showing simple variants of revshell with targets to ngrok. Most probably experiments. Later versions moved to use Burp Collaborator to exfiltrate simp...

AI score 7.6
Exploits: 0 · References: 1

Positive Technologies
added 2024/08/10 12:0 a.m. · 8 views

PT-2024-41041 · Qtech · Qtech Gigabit Spf Wifi Gateway

Name of the Vulnerable Software and Affected Versions: Qtech Gigabit SPF WiFi Gateway affected versions not specified Description: The issue is related to inadequate access control in the Qtech Gigabit SPF WiFi Gateway's firmware, allowing a remote attacker to execute arbitrary commands on the...

CVSS 9 · AI score 7.8
Exploits: 0 · References: 1

NVD
added 2024/08/08 5:15 p.m. · 55 views

CVE-2024-42366

VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site scripting via overlay notification can be combined to result in remote command execution. These vulnerabilities are patched in VRCX 2023.12.24. In additio...

CVSS 9 · EPSS 0.00743
Exploits: 0 · References: 2

Cvelist
added 2024/08/08 4:51 p.m. · 34 views

CVE-2024-42366 VR Overlay RCE

VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site scripting via overlay notification can be combined to result in remote command execution. These vulnerabilities are patched in VRCX 2023.12.24. In additio...

CVSS 9 · EPSS 0.00743
Exploits: 0 · References: 2

Vulnrichment
added 2024/08/08 4:51 p.m. · 29 views

CVE-2024-42366 VR Overlay RCE

VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site scripting via overlay notification can be combined to result in remote command execution. These vulnerabilities are patched in VRCX 2023.12.24. In additio...

CVSS 9 · AI score 6.8 · EPSS 0.00743
Exploits: 0 · References: 2

OSV
added 2024/08/08 4:51 p.m. · 19 views

CVE-2024-42366 VR Overlay RCE

VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site scripting via overlay notification can be combined to result in remote command execution. These vulnerabilities are patched in VRCX 2023.12.24. In additio...

CVSS 9 · AI score 6.7 · EPSS 0.00743
Exploits: 0 · References: 4

CVE
added 2024/08/08 4:51 p.m. · 89 views

CVE-2024-42366

Summary of CVE-2024-42366 (VR Overlay RCE) VRCX, a VRChat assistant/companion app, contained a vulnerability in versions prior to 2024.03.23 where a CefSharp browser with elevated privileges could be combined with an overlay notification to perform remote command execution (RCE). The issue is doc...

CVSS 9 · AI score 9.2 · EPSS 0.00743
Exploits: 0 · References: 2 · Affected Software: 1