Lucene search

10 matches found

Cvelist
added 2026/05/08 2:53 a.m., 37 views

CVE-2026-41500 electerm has Command Injection Vulnerability via runMac function

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:150. The runMac function appends attacker-controlled remote releaseInfo.name directly into an...

CVSS: 9.8 | EPSS: 0.01572
Exploits: 0 | References: 3
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2001-0511

Malware in sbrugna...

CVSS: 5 | AI score: 6.4 | EPSS: 0.02234
Exploits: 0 | References: 4
EUVD
added 2025/10/03 8:7 p.m., 8 views

EUVD-2025-19660

Malicious code in bioql PyPI...

CVSS: 8.6 | AI score: 6.4 | EPSS: 0.01297
Exploits: 0 | References: 3
RedhatCVE
added 2025/07/18 11:54 a.m., 14 views

CVE-2025-52714

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler traveler allows SQL Injection. This issue affects Traveler: from n/a through 3.2.2...

CVSS: 9.3 | AI score: 5.9 | EPSS: 0.00371
Exploits: 0 | References: 1
Cvelist
added 2025/07/01 5:49 p.m., 14 views

CVE-2025-53100 RestDB's Codehooks.io MCP Server Vulnerable to Command Injection

RestDB's Codehooks.io MCP Server is an MCP server on the Codehooks.io platform. Prior to version 0.2.2, the MCP server is written in a way that is vulnerable to command injection attacks as part of some of its MCP Server tools definition and implementation. This could result in a user initiated...

CVSS: 8.6 | EPSS: 0.01297
Exploits: 0 | References: 3
NVD
added 2025/04/17 6:15 p.m., 14 views

CVE-2025-26268

DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service daemon crash via a crafted Redis command. The validity of the scan cursor was not checked...

CVSS: 6.5 | EPSS: 0.00333
Exploits: 1 | References: 3
ATTACKERKB
added 2022/02/24 3:15 p.m., 2 views

CVE-2022-25809

Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices allows arbitrary voice command execution on these devices via a malicious skill in the case of remote attackers or by pairing a malicious Bluetooth device in the case of physically proximate attackers, aka...

CVSS: 9.8 | AI score: 7.5 | EPSS: 0.03054
Exploits: 1 | References: 2
CNVD
added 2021/11/01 12:0 a.m., 4 views

Squid Trust Management Issues Vulnerabilities

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. Squid suffers from a trust management issue vulnerability that stems from incorrect certificate validation. An attacke...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.02854
Exploits: 0 | References: 1
CNNVD
added 2021/10/04 12:0 a.m., 5 views

Squid Trust Management Issue Vulnerability

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. Squid suffers from a trust management issue vulnerability that stems from incorrect certificate validation. An attacke...

CVSS: 7.5 | AI score: 5.6 | EPSS: 0.02854
Exploits: 0 | References: 8
Cvelist
added 2020/03/27 7:35 a.m., 13 views

CVE-2020-10509 Sunnet eHRD - Cross-Site Scripting

Sunnet eHRD, a human training and development management system, contains a Cross-Site Scripting (XSS) vulnerability; attackers can inject arbitrary commands into the system and launch XSS attacks...

CVSS: 6.1 | AI score: 6.1 | EPSS: 0.00835
Exploits: 0 | References: 2