Lucene search
K

16979 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:44 p.m.7 views

CVE-2005-1734

Multiple SQL injection vulnerabilities in PROMS before 0.11 allow remote attackers to execute arbitrary SQL commands via unknown vectors...

7.5CVSS9AI score0.01198EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:38 p.m.8 views

CVE-2023-50809

In certain Sonos products before S1 Release 11.12 and S2 release 15.9, the mt7615.ko wireless driver does not properly validate an information element during negotiation of a WPA2 four-way handshake. This lack of validation leads to a stack buffer overflow. This can result in remote code executio...

7.8CVSS7.8AI score0.00391EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:37 p.m.9 views

CVE-2023-49959

In Indo-Sol PROFINET-INspektor NT through 2.4.0, a command injection vulnerability in the gedtupdater service of the firmware allows remote attackers to execute arbitrary system commands with root privileges via a crafted filename parameter in POST requests to the /api/updater/ctrl/startupdate...

9.8CVSS8.5AI score0.01379EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.6 views

CVE-2023-45741

VR-S1000 firmware Ver. 2.37 and earlier allows an attacker with access to the product's web management page to execute arbitrary OS commands...

6.8CVSS7.7AI score0.00329EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:24 p.m.8 views

CVE-2018-14067

Green Packet WiMax DV-360 2.10.14-g1.0.6.1 devices allow Command Injection, with unauthenticated remote command execution, via a crafted payload to the HTTPS port, because lighttpd listens on all network interfaces including the external Internet by default. NOTE: this may overlap CVE-2017-9980...

10CVSS7.3AI score0.07016EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:54 a.m.12 views

CVE-2009-4789

Multiple PHP remote file inclusion vulnerabilities in the MojoBlog component RC 0.15 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter to 1 wp-comments-post.php and 2 wp-trackback.php...

7.5CVSS8.1AI score0.02098EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:52 a.m.12 views

CVE-2009-4127

Unspecified vulnerability in Wikipedia Toolbar extension before 0.5.9.2 for Firefox allows user-assisted remote attackers to execute arbitrary JavaScript with Chrome privileges via vectors involving unspecified Toolbar buttons and the eval function. NOTE: the provenance of this information is...

9.3CVSS7.3AI score0.04959EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:51 a.m.7 views

CVE-2009-4046

Multiple SQL injection vulnerabilities in FrontAccounting FA 2.2.x before 2.2 RC allow remote attackers to execute arbitrary SQL commands via unspecified parameters to 1 bankaccounts.php, 2 currencies.php, 3 exchangerates.php, 4 glaccounttypes.php, and 5 glaccounts.php in gl/manage/; and 6...

7.5CVSS9AI score0.01051EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:50 a.m.7 views

CVE-2009-4393

SQL injection vulnerability in the Document Directorys danpdocumentdirs extension 1.10.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.9AI score0.01013EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:46 a.m.6 views

CVE-2010-0338

SQL injection vulnerability in the TTProducts editor ttpedit extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.9AI score0.01021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.9 views

CVE-2020-7128

A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software versions: Prior to 1.3.2...

10CVSS8AI score0.02114EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:57 a.m.10 views

CVE-2020-12033

In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service RdcyHost.exe does not validate supplied identifiers, which could allow an unauthenticated, adjacent attacker to execute remote COM objects with elevated privileges...

8.8CVSS7.3AI score0.01099EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:52 a.m.10 views

CVE-2020-10827

A stack-based buffer overflow in apmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request...

9.8CVSS9.8AI score0.20881EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:51 a.m.7 views

CVE-2020-10580

A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management ADM through 5.0 allows remote authenticated attackers to execute arbitrary PHP code on the server as the user running the application...

8.8CVSS8AI score0.03913EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:49 a.m.5 views

CVE-2020-24636

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aru...

10CVSS7.6AI score0.03295EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:34 a.m.4 views

CVE-2024-41997

An issue was discovered in version of Warp Terminal prior to 2024.07.18 v0.2024.07.16.08.02. A command injection vulnerability exists in the Docker integration functionality. An attacker can create a specially crafted hyperlink using the warp://action/docker/opensubshell intent that when clicked ...

6.6CVSS7.4AI score0.012EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:32 a.m.8 views

CVE-2024-39842

A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via user massive changes inputs...

7.2CVSS8.4AI score0.01775EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:15 a.m.10 views

CVE-2022-23433

Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S12, 12.2.05.6000 in Android R11 and 11.6.08.6000 in Andoid Q10 allows attackers to register reminders or execute exporeted activities remotely...

5.3CVSS7.1AI score0.00607EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:1 a.m.5 views

CVE-2023-25617

SAP Business Object Adaptive Job Server - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the...

9CVSS7.2AI score0.00926EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.3 views

RockyLinux 9 : mariadb:10.11 (RLSA-2026:0247)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0247 advisory. mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log...

7CVSS7.3AI score0.01236EPSS
Exploits0References15
Rows per page
Query Builder