Lucene search
K

18 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/26 8:12 p.m.14 views

CVE-2026-48800

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag text content inside in shortcuts.xml is read by NppXml::valueaNode Parameters.cpp:3658 in the feedUserCmds function and stored in UserCommand.cmd without any validation. When the user clicks the corresponding entry ...

7.8CVSS5.8AI score0.0036EPSS
Exploits3References3Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2006-6692

Malware in sbrugna...

7.5CVSS6.4AI score0.01033EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-19212

Malware in sbrugna...

8.8CVSS8.7AI score0.01819EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-1999-0065

Malware in sbrugna...

7.5CVSS6.4AI score0.03214EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-26214

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.30649EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-40428

Malicious code in bioql PyPI...

10CVSS6.8AI score0.00788EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/25 9:29 a.m.9 views

CVE-2025-41684

An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of improper sanitizing of user input in the Main Web Interface endpoint tlsiotgensetting...

8.8CVSS8AI score0.00696EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/11 12:0 a.m.6 views

PT-2025-25188 · Weidmueller · Ie-Sr-2Tx-Wl +2

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An unauthenticated remote attacker in a man-in-the-middle position can inject arbitrary commands in responses returned by WWH servers and gain arbitrary command execution with elevated...

9.8CVSS7AI score0.00549EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/03/22 12:31 p.m.5 views

CVE-2024-7764

Vanna-ai v0.6.2 is vulnerable to SQL Injection due to insufficient protection against injecting additional SQL commands from user requests. The vulnerability occurs when the generatesql function calls extractsql with the LLM response. An attacker can include a semi-colon between a search data fie...

8.1CVSS8.4AI score0.00707EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:41 p.m.8 views

CVE-2020-5242

openHAB before 2.5.2 allow a remote attacker to use REST calls to install the EXEC binding or EXEC transformation service and execute arbitrary commands on the system with the privileges of the user running openHAB. Starting with version 2.5.2 all commands need to be whitelisted in a local file...

9.3CVSS7.6AI score0.01973EPSS
Exploits0
CNNVD
CNNVD
added 2023/12/20 12:0 a.m.7 views

Mlflow Security Vulnerabilities

Mlflow is an open source platform for machine learning lifecycles. A security vulnerability exists in Mlflow. An attacker exploited the vulnerability to execute commands and access data and model information on a vulnerable computer...

9.8CVSS7AI score0.02013EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/01/18 12:0 a.m.4 views

CVE-2023-0164

OrangeScrum version 2.0.11 allows an authenticated external attacker to execute arbitrary commands on the server. This is possible because the application injects an attacker-controlled parameter into a system function...

9.1AI score0.01381EPSS
Exploits1References2
OSV
OSV
added 2019/01/11 9:7 p.m.5 views

MGASA-2019-0032 Updated spice-vdagent package fixes security vulnerability

Improperly escaped save directory that is passed to the shell allows local attacker with access to the session the agent runs to inject arbitrary commands to be executed CVE-2017-15108...

7.8CVSS7.6AI score0.00419EPSS
Exploits0References3
Gentoo Linux
Gentoo Linux
added 2017/10/08 12:0 a.m.83 views

sudo: Privilege escalation

Background sudo su “do” allows a system administrator to delegate authority to give certain users or groups of users the ability to run some or all commands as root or another user while providing an audit trail of the commands and their arguments. Description The fix present in...

8.2CVSS8.4AI score0.00573EPSS
Exploits0
exploitpack
exploitpack
added 2003/08/01 12:0 a.m.14 views

Trillian 0.74 - Remote Denial of Service

Trillian 0.74 - Remote Denial of Service / -------------------------------------------- :::::::::::::::::: trillian 0.7d patch :::::Denial:of:Service::simple:exploit:: -----------------------------l0bstah----- usage :: : trillah name attacked-nick comment:: after patch .74d, exploits, wich use...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2003/05/27 12:0 a.m.31 views

Upclient 5.0 b7 - Command Line Argument Buffer Overflow

// source: https://www.securityfocus.com/bid/7703/info upclient has been reported prone to a buffer overflow vulnerability when handling command line arguments of excessive length. It is possible for a local attacker to seize control of the vulnerable application and have malicious arbitrary code...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2003/03/10 12:0 a.m.34 views

Qpopper 4.0.x - Remote Memory Corruption

// source: https://www.securityfocus.com/bid/7058/info A memory corruption vulnerability has been discovered in Qpopper version 4.0.4 and earlier. The vulnerability occurs when calling the 'mdef' command and a malicious macro name is supplied. By filling a target buffer with a malicious macro nam...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/12/11 12:0 a.m.45 views

[SECURITY] [DSA 207-1] New tetex-lib packages fix arbitrary command execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 207-1 [email protected] http://www.debian.org/security/ Martin Schulze December 11th, 2002 http://www.debian.org/security/faq -...

7.5CVSS0.8AI score0.07953EPSS
Exploits0
Rows per page
Query Builder