Lucene search
K

9 matches found

CVE
CVE
added 2026/04/30 4:8 p.m.51 views

CVE-2025-71284

Synway SMG Gateway Management Software is affected by an OS command injection in the RADIUS configuration endpoint /en/9-2radius.php. The radius_address POST parameter (and related fields) is split and interpolated directly into a sed command without sanitization, enabling an unauthenticated remo...

9.8CVSS6.2AI score0.05727EPSS
In wildExploits1References5Affected Software1
UbuntuCve
UbuntuCve
added 2026/04/19 12:0 a.m.10 views

CVE-2026-5958

When sed is invoked with both -i in-place edit and --follow-symlinks, the function opennextfile performs two separate, non-atomic filesystem operations on the same path: 1. resolves symlink to its target and stores the resolved path for determining when output is written, 2. opens the original...

2.1CVSS5.8AI score0.00142EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/11/20 9:28 p.m.20 views

@anthropic-ai/claude-code has Sed Command Validation Bypass that Allows Arbitrary File Writes

Due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the...

9.8CVSS7.5AI score0.00403EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/11/20 9:28 p.m.49 views

GHSA-7MV8-J34Q-VP7Q @anthropic-ai/claude-code has Sed Command Validation Bypass that Allows Arbitrary File Writes

Due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the...

8.7CVSS7.3AI score0.00403EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-4065

Malware in sbrugna...

6.8CVSS6.4AI score0.003EPSS
Exploits0References2
0day.today
0day.today
added 2016/08/14 12:0 a.m.40 views

Samsung Smart Home Camera SNH-P-6410 - Command Injection

Exploit for hardware platform in category remote exploits E-DB Note: source https://www.pentestpartners.com/blog/samsungs-smart-camera-a-tale-of-iot-network-security/ import urllib, urllib2, crypt, time New password for web interface webpassword = 'admin' New password for root rootpassword = 'roo...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2016/05/12 12:0 a.m.36 views

Cisco Nexus 7000 Denial of Service Vulnerability (Cisco-SA-20140506-CVE-2014-0684)

A vulnerability in Cisco Nexus 7000 Series Switches could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected device. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by t...

4.6CVSS6.3AI score0.00261EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2014/05/06 12:0 a.m.27 views

Cisco Nexus 7000 Denial of Service Vulnerability (Cisco-SA-20140506-CVE-2014-0684)

A vulnerability in Cisco Nexus 7000 Series Switches could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected device. Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by t...

4.6CVSS6.3AI score0.00261EPSS
Exploits0References2
Prion
Prion
added 2013/10/14 3:34 a.m.21 views

Command injection

Cisco NX-OS allows local users to gain privileges, and read or modify arbitrary files, via the sed 1 r and 2 w commands, aka Bug IDs CSCts56559, CSCts56565, CSCts56570, and CSCts56574...

6.8CVSS7.1AI score0.003EPSS
Exploits0References1
Rows per page
Query Builder