303 matches found
EUVD-2025-29661
Malicious code in bioql PyPI...
EUVD-2025-14664
Malicious code in bioql PyPI...
EUVD-2024-18021
Malicious code in bioql PyPI...
EUVD-2022-4546
Malicious code in bioql PyPI...
In older versions of Sendmail, an attacker could use a pipe character to execute root commands.
...
CVE-2025-20338
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments th...
CVE-2025-43943
Dell Cloud Disaster Recovery, versions prior to 19.20, contains an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with...
PT-2025-34100 · Undefined · Undefined
A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows...
CVE-2025-20220
A vulnerability in the CLI of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to improper inp...
CVE-2025-20306
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating system. This vulnerability is due to insufficie...
CVE-2025-20306
Cisco Secure Firewall Management Center (FMC) CMD injection vulnerability (CVE-2025-20306) affects the web-based management interface. An authenticated administrator can exploit insufficient input validation of HTTP request parameters to execute arbitrary commands as root on the underlying OS. Ex...
CVE-2025-20237
A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this...
CVE-2025-20238
CVE-2025-20238 affects Cisco Secure Firewall ASA/FTD software. The issue arises from insufficient input validation of user-supplied commands, enabling an authenticated local attacker with valid admin credentials to execute arbitrary commands on the underlying OS with root privileges. Exploitation...
PT-2025-33325 · Cisco · Cisco Secure Firewall Adaptive Security Appliance (ASA) +1
Name of the Vulnerable Software and Affected Versions: Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software (affected versions not specified)
Description: A vulnerability exists in Cisco Secure Firewall Adaptive Security Appliance ASA...
CVE-2025-43984
CVE-2025-43984 affects KuWFi GC111 devices (Hardware Version: CPE-LM321_V3.2; Software Version: GC111-GL-LM321_V3.0_20191211). An unauthenticated POST to the endpoint /goform/goform_set_cmd_process, using the SSID parameter, allows remote attackers to execute arbitrary OS commands with root priv...
CVE-2025-34148
An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02. When configuring the device in WISP mode, the 'ssid' parameter is passed unsanitized to system-level scripts. This allows remote attackers within Wi-Fi range to inject...
VulnCheck KEV: CVE-2014-125123
An unauthenticated SQL injection vulnerability exists in the Kloxo web hosting control panel developed by LXCenter prior to version 6.1.12. The flaw resides in the login-name parameter passed to lbin/webcommand.php, which fails to properly sanitize input, allowing an attacker to extract the...
CVE-2025-52089
A hidden remote support feature protected by a static secret in TOTOLINK N300RB firmware version 8.54 allows an authenticated attacker to execute arbitrary OS commands with root privileges...