Lucene search
+L

130 matches found

redhatcve
redhatcve
added 2025/07/13 11:19 a.m.8 views

CVE-2025-50123

A CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exists that could cause remote command execution by a privileged account when the server is accessed via a console and through exploitation of the hostname input...

7.2CVSS6.8AI score0.00313EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/23 5:2 a.m.8 views

CVE-2023-27893

An attacker authenticated as a user with a non-administrative role and a common remote execution authorization in SAP Solution Manager and ABAP managed systems ST-PI - versions 20881700, 20081710, 740, can use a vulnerable interface to execute an application function to perform actions which they...

8.8CVSS7.1AI score0.01184EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 3:33 a.m.11 views

CVE-2023-27766

An issue found in Wondershare Technology Co.,Ltd Anireel 1.5.4 allows a remote attacker to execute arbitrary commands via the anireelsetupfull9589.exe file...

7.8CVSS7.9AI score0.00433EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/23 1:14 a.m.10 views

CVE-2022-23677

A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices versions: ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16.03.xxxx: All versions; ArubaOS-Switch...

9.3CVSS7.8AI score0.19536EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 11:22 a.m.7 views

CVE-2013-1222

The Tomcat Web Management feature in Cisco Unified Customer Voice Portal CVP Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to launch arbitrary custom web applications via a crafted 1 HTTP or 2 HTTPS request, aka Bug ID CSCub38379...

7.8CVSS7.1AI score0.0123EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 10:35 a.m.12 views

CVE-2019-16759

vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfigcode parameter in an ajax/render/widgetphp routestring request...

9.8CVSS7.4AI score0.99728EPSS
Exploits27References1
redhatcve
redhatcve
added 2025/05/22 6:6 a.m.7 views

CVE-2013-1875

commandwrap.rb in the commandwrap Gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL or filename...

7.5CVSS8.3AI score0.03633EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/21 7:50 p.m.7 views

CVE-2005-2994

Unspecified vulnerability in the web client for IBM Rational ClearQuest 2002.05.00 and 2002.05.20, and 2003.06.00 through 2003.06.15 before SR5, allows remote attackers to execute XML Style Sheets XSS...

6.8CVSS7.2AI score0.01148EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/04/21 12:0 a.m.5 views

CVE-2025-29659

Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the "cmdlisten" function located in the "cmd" binary...

6.8AI score0.01354EPSS
Exploits1References2
redhatcve
redhatcve
added 2025/03/27 12:21 a.m.16 views

CVE-2025-29635

A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/setprohibiting via the corresponding function, triggering remote command execution...

8.8CVSS8.7AI score0.87239EPSS
Exploits1References1
nvd
nvd
added 2025/03/11 10:15 a.m.8 views

CVE-2025-27398

A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly neutralize special characters when interpreting user controlled log paths. This could allow an authenticated highly-privileged remote attacker to execute a limited set of...

2.7CVSS0.0031EPSS
Exploits0References1
cvelist
cvelist
added 2025/01/09 12:0 a.m.257 views

CVE-2023-28354

An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call checknrpe against affected targets, specifying known NRPE plugins, which in default installations are configured to accept command control characters and pass them to command-line interpreters for NR...

0.0118EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/10/23 12:0 a.m.4 views

Cisco Secure Firewall Management Center 安全漏洞

Cisco Secure Firewall Management Center is a powerful network security management tool from Cisco. A command execution vulnerability exists in Cisco Secure Firewall Management Center that stems from insufficient input validation of certain HTTP request parameters sent to the web management...

7.2CVSS7.7AI score0.00782EPSS
Exploits0References1
cve
cve
added 2024/10/08 5:35 p.m.80 views

CVE-2024-43543

CVE-2024-43543 is a Windows Mobile Broadband Driver Remote Code Execution vulnerability. The initial document states it affects Windows Mobile Broadband Driver and provides CVSS v3.1 metrics: AV/Physical, AC/Low, PR/None, UI/None, S/Unchanged; impacts Confidentiality, Integrity, Availability all ...

6.8CVSS7.7AI score0.00621EPSS
Exploits0References1Affected Software9
bdu_fstec
bdu_fstec
added 2024/07/17 12:0 a.m.6 views

The vulnerability of the IBM InfoSphere Information Server software platform, related to insufficient validation of incoming requests, allows a hacker to execute an SSRF attack.

The vulnerability of the IBM InfoSphere Information Server software integration platform is related to insufficient testing of incoming requests. Exploiting this vulnerability could allow a malicious actor to execute an SSRF attack remotely...

5.5CVSS5.5AI score0.00235EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2024/06/13 7:40 p.m.35 views

CVE-2024-5950 Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability

Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...

8.8CVSS0.01118EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2023/12/05 8:10 p.m.16 views

CVE-2023-44221

Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability...

7.3AI score0.74933EPSS
Exploits0References1
zdi
zdi
added 2023/08/17 12:0 a.m.16 views

PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS5.9AI score0.00327EPSS
Exploits0References1
attackerkb
attackerkb
added 2023/06/16 1:15 a.m.5 views

CVE-2023-32028

Microsoft SQL OLE DB Remote Code Execution Vulnerability...

7.8CVSS5.8AI score0.00722EPSS
Exploits0References2Affected Software7
f5
f5
added 2023/02/21 7:53 p.m.27 views

K16428: setroubleshoot vulnerability CVE-2015-1815

Security Advisory Description The getrpmnvrbyfilepathtemporary function in util.py in setroubleshoot before 3.2.22 allows remote attackers to execute arbitrary commands via shell metacharacters in a file name. CVE-2015-1815 Impact None. F5 products are not affected by this vulnerability. Security...

10CVSS7.4AI score0.16335EPSS
Exploits1
Rows per page
Query Builder