Lucene search
K

415 matches found

ATTACKERKB
ATTACKERKB
added 2026/01/21 5:27 p.m.5 views

CVE-2021-47748

Hasura GraphQL 1.3.3 contains a remote code execution vulnerability that allows attackers to execute arbitrary shell commands through SQL query manipulation. Attackers can inject commands into the runsql endpoint by crafting malicious GraphQL queries that execute system commands through...

9.8CVSS6.9AI score0.0102EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/13 10:52 p.m.19 views

CVE-2026-22812

OpenCode is an open source AI coding agent. Prior to 1.0.216, OpenCode automatically starts an unauthenticated HTTP server that allows any local process or any website via permissive CORS to execute arbitrary shell commands with the user's privileges. This vulnerability is fixed in 1.0.216...

8.8CVSS7.5AI score0.16955EPSS
Exploits7References1
Vulnrichment
Vulnrichment
added 2026/01/12 10:49 p.m.4 views

CVE-2026-22812 OpenCode's Unauthenticated HTTP Server Allows Arbitrary Command Execution

OpenCode is an open source AI coding agent. Prior to 1.0.216, OpenCode automatically starts an unauthenticated HTTP server that allows any local process or any website via permissive CORS to execute arbitrary shell commands with the user's privileges. This vulnerability is fixed in 1.0.216...

8.8CVSS7.1AI score0.16955EPSS
Exploits7References1
Positive Technologies
Positive Technologies
added 2026/01/12 12:0 a.m.9 views

PT-2026-2315

Name of the Vulnerable Software and Affected Versions OpenCode versions prior to 1.0.216 Description OpenCode, an open source AI coding agent, has an issue where it automatically starts an unauthenticated HTTP server. This allows any local process, or any website due to permissive CORS settings, ...

10CVSS6.3AI score0.16955EPSS
Exploits7References22
RedhatCVE
RedhatCVE
added 2026/01/09 10:58 a.m.28 views

CVE-2025-23196

A code injection vulnerability exists in the Ambari Alert Definition feature, allowing authenticated users to inject and execute arbitrary shell commands. The vulnerability arises when defining alert scripts, where the script filename field is executed using sh -c. An attacker with authenticated...

8.8CVSS8.1AI score0.01236EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/01 9:26 p.m.12 views

CVE-2015-10145

Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/runcommands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary she...

8.8CVSS7.8AI score0.0063EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2025/12/31 8:48 p.m.11 views

CVE-2015-10145

Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/runcommands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary she...

8.8CVSS6.3AI score0.0063EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/08 1:57 p.m.27 views

CVE-2025-64140

Jenkins Azure CLI Plugin 0.9 and earlier does not restrict which commands it executes on the Jenkins controller, allowing attackers with Item/Configure permission to execute arbitrary shell commands...

8.8CVSS7.6AI score0.00556EPSS
Exploits0References1
OSV
OSV
added 2025/10/29 2:15 p.m.6 views

CVE-2025-64140

Jenkins Azure CLI Plugin 0.9 and earlier does not restrict which commands it executes on the Jenkins controller, allowing attackers with Item/Configure permission to execute arbitrary shell commands...

8.8CVSS6.1AI score0.00556EPSS
Exploits0References2
NVD
NVD
added 2025/10/29 2:15 p.m.7 views

CVE-2025-64140

Jenkins Azure CLI Plugin 0.9 and earlier does not restrict which commands it executes on the Jenkins controller, allowing attackers with Item/Configure permission to execute arbitrary shell commands...

8.8CVSS0.00556EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/29 1:29 p.m.11 views

CVE-2025-64140

Jenkins Azure CLI Plugin 0.9 and earlier does not restrict which commands it executes on the Jenkins controller, allowing attackers with Item/Configure permission to execute arbitrary shell commands...

0.00556EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.11 views

PT-2025-44289

Name of the Vulnerable Software and Affected Versions Jenkins Azure CLI Plugin versions 0.9 and earlier Description The Jenkins Azure CLI Plugin does not restrict the commands it executes on the Jenkins controller. This allows attackers with Item/Configure permission to execute arbitrary shell...

8.8CVSS7.1AI score0.00556EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/10/15 12:0 a.m.6 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. An elevation of privilege vulnerability exists in the BIG-IP's iControl REST and TMOS Shell tmsh modules. The vulnerability...

9.1CVSS7.5AI score0.00367EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-7267

Malware in sbrugna...

7.8CVSS7.6AI score0.02281EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-26504

Malware in sbrugna...

9.1CVSS9.2AI score0.02345EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2011-5240

Malware in sbrugna...

10CVSS6.4AI score0.03818EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-5651

Malware in sbrugna...

7.8CVSS7.5AI score0.00526EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2020-0516

Malware in sbrugna...

9.8CVSS9.3AI score0.0201EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-18266

Malware in sbrugna...

7.8CVSS7.6AI score0.0087EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-6598

Malware in sbrugna...

9.3CVSS6.4AI score0.01188EPSS
Exploits0References5
Rows per page
Query Builder