Lucene search
+L

31724 matches found

Nuclei
Nuclei
added 8 hours ago29 views

Enigma NMS < 65.0.0 - Authenticated OS Command Injection

An OS command injection vulnerability in the discoverandmanage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an authenticated attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ipaddress variable within an snmpbrowser action. id:...

10CVSS9AI score0.25279EPSS
Exploits5References3
Nuclei
Nuclei
added 8 hours ago80 views

WordPress SP Project & Document Manager <4.22 - Authenticated Shell Upload

WordPress SP Project & Document Manager plugin before 4.22 is susceptible to authenticated shell upload. The plugin allows users to upload files; however, the plugin attempts to prevent PHP and other similar executable files from being uploaded via checking the file extension. PHP files can still...

8.8CVSS7.9AI score0.52007EPSS
Exploits8References5
Nuclei
Nuclei
added 8 hours ago133 views

Viessmann Vitogate 300 - Remote Code Execution

In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for the put method. id: CVE-2023-45852 info: name: Viessmann Vitogate 300 - Remote Code Execution autho...

9.8CVSS7.5AI score0.14003EPSS
Exploits1References5
Nuclei
Nuclei
added 8 hours ago233 views

DrayTek - Remote Code Execution

DrayTek Vigor2960 1.3.1Beta, Vigor3900 1.4.4Beta, and Vigor300B 1.3.3Beta, 1.4.2.1Beta, and 1.4.4Beta devices allow remote code execution as root without authentication via shell metacharacters to the cgi-bin/mainfunction.cgi URI. id: CVE-2020-8515 info: name: DrayTek - Remote Code Execution...

10CVSS9.2AI score0.99993EPSS
Exploits7References5
Nuclei
Nuclei
added 8 hours ago61 views

OpenDreambox 2.0.0 - Remote Code Execution

OpenDreambox 2.0.0 is susceptible to remote code execution via the webadmin plugin. Remote attackers can execute arbitrary OS commands via shell metacharacters in the command parameter to the /script URI in enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py. id: CVE-2017-14135 info: nam...

10CVSS9.6AI score0.21842EPSS
Exploits1References5
Nuclei
Nuclei
added 8 hours ago660 views

Chamilo LMS <= 1.11.24 - Remote Code Execution

Unrestricted file upload in big file upload functionality in /main/inc/lib/javascript/bigupload/inc/bigUpload.php in Chamilo LMS = v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell. id: CVE-2023-422...

8.1CVSS7.6AI score0.76084EPSS
Exploits27References4
Nuclei
Nuclei
added 8 hours ago10 views

Pinger 1.0 - Remote Code Execution

Pinger 1.0 contains a remote code execution vulnerability that allows attackers to inject shell commands through the ping and socket parameters. Attackers can exploit the unsanitized input in ping.php to write arbitrary PHP files and execute system commands by appending shell metacharacters. id:...

9.8CVSS6.6AI score0.03135EPSS
Exploits0References2
CVE
CVE
added 8 hours ago13 views

CVE-2026-58317

The vulnerability CVE-2026-58317 affects the TTSSH2 plugin used by Tera Term. It is described as an Unsigned to Signed Conversion Error (CWE-196) that can occur when Tera Term connects to a server controlled by an attacker. The issue may trigger an out-of-bounds read/write, potentially causing ad...

6.3CVSS6.6AI score
Exploits0References3
EUVD
EUVD
added 8 hours ago6 views

EUVD-2026-45140

Unsigned to Signed Conversion Error CWE-196 vulnerability exists in TTSSH2 plugin of Tera Term provided by TeraTerm Project. When Tera Term attempts to establish an SSH connection to a server set up by an attacker, out-of-bounds read/write may occur. As a result, the contents of adjacent memory...

6.3CVSS6.6AI score
Exploits0References3
EUVD
EUVD
added 8 hours ago7 views

EUVD-2026-45139

Improper Handling of Length Parameter Inconsistency CWE-130 vulnerability exists in TTSSH2 plugin of Tera Term provided by TeraTerm Project. When Tera Term attempts to establish an SSH connection to a server set up by an attacker, out-of-bounds read/write may occur. As a result, the contents of...

6.3CVSS6.6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday6 views

Malicious code in hehehe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 588dd776720f805d7d84a58c93ffcd21ed860e3fc21a48787d732eb6180b974d Package is published as an 'enterprise Windows Diagnostic Utility' but is an anti-proctoring cheating tool that also steals the installer's browser...

6.1AI score
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-44978

The Lenovo XClarity Integrator for Windows Admin Center plugin version 5.1.1 and below running on the WAC Gateway is vulnerable to Powershell Command Injection when establishing remote PowerShell commands...

8.8CVSS6.1AI score
Exploits0References1
RedHat Linux
RedHat Linux
added yesterday6 views

golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions

A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate...

8.8CVSS6.2AI score0.00314EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added yesterday6 views

golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses

A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak p...

9.1CVSS6.4AI score0.00533EPSS
Exploits0References9
Nuclei
Nuclei
added yesterday19 views

Kaseya VSA < 9.5.7 - Arbitrary File Upload to Remote Code Execution

An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Remote Monitoring & Management RMM 9.5.4.2149 and subsequently use these files to execute asp commands The api /SystemTab/uploader.aspx is vulnerable to an unauthenticated arbitrary file upload leadin...

10CVSS7.1AI score0.60348EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday323 views

SonicWall GMS and Analytics Web Services - Shell Injection

The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions id: CVE-2023-34124 info: name: SonicWall GMS and Analytics Web...

9.8CVSS6.9AI score0.44715EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday64 views

Apache Spark - Authentication Bypass

In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication spark.authenticate via a shared secret. When enabled, however, a specially-crafted RPC to the master can succeed in starting an application's resources on the Spark cluster, even...

9.8CVSS6.8AI score0.29157EPSS
Exploits0References2
Nuclei
Nuclei
added yesterday77 views

Citrix SD-WAN Center - Remote Command Injection

Citrix SD-WAN Center is susceptible to remote command injection via the ping function in DiagnosticsController, which does not sufficiently validate or sanitize HTTP request parameter values used to construct a shell command. An attacker can trigger this vulnerability by routing traffic through t...

10CVSS7.1AI score0.39544EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday95 views

Citrix SD-WAN Center - Remote Command Injection

Citrix SD-WAN Center is susceptible to remote command injection via the addModifyZTDProxy function in NmsController. The function does not sufficiently validate or sanitize HTTP request parameter values that are used to construct a shell command. An attacker can trigger this vulnerability by...

10CVSS7.1AI score0.39544EPSS
Exploits1References3
OSV
OSV
added yesterday5 views

UBUNTU-CVE-2026-38755

A heap overflow in the evalcommand function shell/ash.c of Busybox...

7.5CVSS6.1AI score0.0016EPSS
Exploits0References2
Rows per page
Query Builder