Lucene search
K

183 matches found

Vulnrichment
Vulnrichment
added 2023/06/13 12:0 a.m.9 views

CVE-2023-30766

Hidden functionality issue exists in KB-AHR series and KB-IRIP series. If this vulnerability is exploited, an arbitrary OS command may be executed on the product or the device settings may be altered. Affected products and versions are as follows: KB-AHR04D versions prior to 91110.1.101106.78,...

9.6AI score0.00703EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/06/13 12:0 a.m.32 views

CVE-2023-30766

Hidden functionality issue exists in KB-AHR series and KB-IRIP series. If this vulnerability is exploited, an arbitrary OS command may be executed on the product or the device settings may be altered. Affected products and versions are as follows: KB-AHR04D versions prior to 91110.1.101106.78,...

9.7AI score0.00703EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/05/25 12:0 a.m.24 views

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : Jhead vulnerabilities (USN-6108-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6108-1 advisory. It was discovered that Jhead did not properly handle certain crafted images while rotating them. An attacker could...

7.8CVSS7.8AI score0.00444EPSS
Exploits2References3
Prion
Prion
added 2023/05/23 2:15 a.m.14 views

Command injection

OS command injection vulnerability in the mail setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows remote authenticated attackers to execute an arbitrary OS command...

6.5CVSS8.7AI score0.01908EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2023/05/23 2:15 a.m.14 views

Command injection

Wi-Fi AP UNIT AC-PD-WAPU v1.05B04 and earlier, AC-PD-WAPUM v1.05B04 and earlier, AC-PD-WAPU-P v1.05B04P and earlier, AC-PD-WAPUM-P v1.05B04P and earlier, AC-WAPU-300 v1.00B07 and earlier, AC-WAPU-300-P v1.00B08P and earlier, AC-WAPUM-300 v1.00B07 and earlier, and AC-WAPUM-300-P v1.00B08P and...

5.8CVSS7.2AI score0.0088EPSS
Exploits0References3Affected Software4
Prion
Prion
added 2023/05/23 2:15 a.m.24 views

Command injection

Beekeeper Studio versions prior to 3.9.9 allows a remote authenticated attacker to execute arbitrary JavaScript code with the privilege of the application on the PC where the affected product is installed. As a result, an arbitrary OS command may be executed as well...

6.5CVSS8.6AI score0.01388EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/05/23 12:0 a.m.34 views

CVE-2023-27521

OS command injection vulnerability in the mail setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows remote authenticated attackers to execute an arbitrary OS command...

8.9AI score0.01908EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/04/11 12:0 a.m.25 views

Siemens SCALANCE M875 Arbitrary OS Command Execution (CVE-2018-4859)

A vulnerability has been identified in SCALANCE M875 All versions. An authenticated remote attacker with access to the web interface 443/tcp, could execute arbitrary operating system commands. Successful exploitation requires that the attacker has network access to the web interface. The attacker...

9CVSS7.7AI score0.03737EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/11 12:0 a.m.20 views

Siemens SCALANCE M875 Arbitrary OS Command Execution (CVE-2018-4860)

A vulnerability has been identified in SCALANCE M875 All versions. An authenticated remote attacker with access to the web interface 443/tcp, could execute arbitrary operating system commands. Successful exploitation requires that the attacker has network access to the web interface. The attacker...

9CVSS7.7AI score0.03737EPSS
Exploits0References2
NVD
NVD
added 2023/01/17 10:15 a.m.20 views

CVE-2023-22304

OS command injection vulnerability in PIX-RT100 versions RT100TEQ2.1.1EQ101 and RT100TEQ2.1.2EQ101 allows a network-adjacent attacker who can access product settings to execute an arbitrary OS command...

8CVSS8.1AI score0.00893EPSS
Exploits0References2
Prion
Prion
added 2023/01/17 10:15 a.m.13 views

Command injection

MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and MAHO-PBX NetDevancer MobileGate Home/Office prior to Ver.1.11.00 allow a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command...

5.8CVSS7.5AI score0.00972EPSS
Exploits0References2Affected Software3
Cvelist
Cvelist
added 2023/01/17 12:0 a.m.17 views

CVE-2023-22280

MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and MAHO-PBX NetDevancer MobileGate Home/Office prior to Ver.1.11.00 allow a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command...

7.8AI score0.00972EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/01/12 12:0 a.m.40 views

JVN#57296685: Multiple vulnerabilities in PIXELA PIX-RT100

PIX-RT100 provided by PIXELA CORPORATION contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2023-22304 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H| Base Score: 8.0 CVSS v2| AV:A/AC:L/Au:S/C:C/I:C/A:C| Base Score: 7.7...

8CVSS7.9AI score0.00893EPSS
Exploits0
OSV
OSV
added 2022/12/19 3:15 a.m.1 views

CVE-2022-44456

CONPROSYS HMI System CHS Ver.3.4.4?and earlier allows a remote unauthenticated attacker to execute an arbitrary OS command on the server where the product is running by sending a specially crafted request...

9.8CVSS6AI score0.69877EPSS
Exploits0References3
Prion
Prion
added 2022/12/19 3:15 a.m.20 views

Command injection

OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command if a specially crafted request is sent to a specific CGI program...

4.7CVSS7AI score0.00778EPSS
Exploits0References2Affected Software10
Cvelist
Cvelist
added 2022/12/19 12:0 a.m.24 views

CVE-2022-43466

OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command if a specially crafted request is sent to a specific CGI program...

7.2AI score0.00778EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/12/19 12:0 a.m.30 views

CVE-2022-44456

CONPROSYS HMI System CHS Ver.3.4.4?and earlier allows a remote unauthenticated attacker to execute an arbitrary OS command on the server where the product is running by sending a specially crafted request...

9.8AI score0.69877EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2022/12/10 4:15 p.m.24 views

CVE-2022-45145

egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package installation via escape characters in a .egg file...

9.8CVSS7.3AI score0.01268EPSS
Exploits0References5
CVE
CVE
added 2022/12/10 12:0 a.m.94 views

CVE-2022-45145

CVE-2022-45145 concerns CHICKEN 5.x; vulnerability exists in egg-compile.scm that allows arbitrary OS command execution during package installation via escaped characters in a .egg file. Root cause: insecure handling in egg-compile.scm leading to command injection during installation. Affected: C...

9.8CVSS9.5AI score0.01268EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2022/12/07 10:15 a.m.13 views

Denial of service

Hidden functionality vulnerability in multiple Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and...

4.7CVSS6.9AI score0.00317EPSS
Exploits0References2Affected Software54
Rows per page
Query Builder