Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Tenable Nessus
Tenable Nessusadded 2026/05/04 12:0 a.m.3 views

RHCOS 2 : rubygem-openshift-origin-console (RHSA-2015:1808)

The remote Red Hat Enterprise Linux CoreOS 2 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2015:1808 advisory. - 2.2: API command injection vulnerability CVE-2015-5274 Note that Nessus has not tested for this issue but has instead relied only on the...

6.5CVSS5.8AI score0.00622EPSS
Exploits0References5
NCSC
NCSCadded 2026/03/12 7:46 a.m.3 views

Vulnerabilities fixed in Fortinet FortiWeb

Fortinet has fixed vulnerabilities in FortiWeb Versions 7.0 to 8.0.1. The vulnerabilities include an ability for remote unauthenticated attackers to bypass hostname restrictions, an OS command injection vulnerability within the FortiWeb API, and the ability to bypass authentication rate-limits...

8.1CVSS6.2AI score0.00189EPSS
Exploits0References6
OSV
OSVadded 2026/01/23 4:16 a.m.3 views

CVE-2026-0785

ALGO 8180 IP Audio Alerter API Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific flaw...

8.8CVSS6.4AI score
Exploits0References1
OSV
OSVadded 2024/05/14 4:16 p.m.1 views

CVE-2024-28135

A low privileged remote attacker can use a command injection vulnerability in the API which performs remote code execution as the user-app user due to improper input validation. The confidentiality is partly affected...

5CVSS6.2AI score
Exploits0References1
Vulnrichment
Vulnrichmentadded 2023/06/12 5:2 p.m.7 views

CVE-2023-34343

AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, or data tampering...

7.2CVSS7.1AI score0.0036EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2020/01/30 8:9 p.m.36 views

CVE-2019-17361

In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host...

9.8CVSS9.9AI score0.17854EPSS
Exploits0References3
NVD
NVDadded 2020/01/17 2:15 a.m.18 views

CVE-2019-17361

In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host...

9.8CVSS9.9AI score0.17854EPSS
Exploits0References5
Cvelist
Cvelistadded 2018/01/02 5:0 p.m.10 views

CVE-2017-1000451

fs-git is a file system like api for git repository. The fs-git version 1.0.1 module relies on childprocess.exec, however, the buildCommand method used to construct exec strings does not properly sanitize data and is vulnerable to command injection across all methods that use it and call exec...

7.9AI score0.00422EPSS
Exploits0References1
Rows per page
Query Builder