Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2026/06/16 11:47 a.m.6 views

BIT-MARIADB-MIN-2026-48163 MariaDB: wsrep SST unsafe parameter handling on the donor side (rsync)

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1, during the SST the donor node is interpolating parameters that the joiner sent into the command line. No...

8CVSS5.8AI score0.00457EPSS
Exploits0References3
Debian
Debianadded 2026/06/15 8:20 p.m.5 views

[SECURITY] [DSA 6345-1] libgd-perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6345-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 15, 2026 https://www.debian.org/security/faq -...

9.8CVSS5.7AI score0.01353EPSS
Exploits0
OSV
OSVadded 2026/05/26 4:16 p.m.8 views

UBUNTU-CVE-2026-48687

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

9.8CVSS6AI score0.01645EPSS
Exploits1References8
EUVD
EUVDadded 2026/04/18 1:16 a.m.3 views

EUVD-2026-23628

Emissary is a P2P based data-driven workflow engine. In versions 8.42.0 and below, Executrix.getCommand is vulnerable to OS command injection because it interpolates temporary file paths into a /bin/sh -c shell command string without any escaping or input validation. The INFILEENDING and...

8.8CVSS5.9AI score0.00861EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2026/02/04 12:0 a.m.6 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Emacs vulnerabilities (USN-8011-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8011-1 advisory. It was discovered that Emacs could trigger unsafe Lisp macro expansion, when a user invoked elisp- completion-at-point on untrust...

8.8CVSS8.2AI score0.02679EPSS
Exploits0References3
Snyk
Snykadded 2026/01/20 11:45 p.m.7 views

Improper Input Validation

Overview wrangler is a Command-line interface for all things Cloudflare Workers Affected versions of this package are vulnerable to Improper Input Validation via the wrangler pages deploy command when the --commit-hash parameter is passed directly to a shell command without proper validation or...

9.9CVSS6AI score0.01393EPSS
Exploits0References2
OSV
OSVadded 2024/06/23 10:15 p.m.6 views

AZL-42925 CVE-2024-39331 affecting package emacs for versions less than 29.4-1

In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %... link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5...

9.8CVSS7.2AI score0.01323EPSS
Exploits0References1
SUSE CVE
SUSE CVEadded 2023/02/15 6:7 a.m.2 views

SUSE CVE-2008-4101

Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to 1 execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" semicolon followed by a command, or execute arbitrary Ex commands by entering an argument afte...

9.3CVSS7.7AI score0.09207EPSS
Exploits1References3
Rows per page
Query Builder