Lucene search
K

170 matches found

NVD
NVD
added 2025/01/30 7:15 p.m.18 views

CVE-2025-0680

Affected products contain a vulnerability in the device cloud rpc command handling process that could allow remote attackers to take control over arbitrary devices connected to the cloud...

9.8CVSS0.00598EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2024/12/18 12:0 a.m.5 views

The vulnerability of the invscout component in AIX and VIOS operating systems allows a perpetrator to execute arbitrary commands.

The vulnerability of the invscout component in AIX and VIOS operating systems is related to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

7.8CVSS5.8AI score0.00231EPSS
Exploits0References2Affected Software2
RedHat Linux
RedHat Linux
added 2024/12/04 12:56 a.m.4 views

kernel: net/mlx5: Discard command completions in internal error

A use-after-free vulnerability has been discovered in the Linux kernel within the drivers/net/ethernet/mellanox/mlx5/core/cmd.c component, specifically related to the Mellanox network driver. This flaw can lead to compromised system availability. Successful exploitation could result in...

7.8CVSS6.8AI score0.00258EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/11/19 1:30 a.m.26 views

CVE-2024-50268 usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd()

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds in ucsiccgupdatesetnewcamcmd The "cmd" variable can be controlled by the user via debugfs. That means "newcam" can be as high as 255 while the size of the uc-updated array is UCSIMAXALTMODE...

0.00255EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/11/18 12:0 a.m.6 views

The vulnerability of the SSH and Telnet protocol implementations of the D-Link DSL6740C modem’s microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of SSH and Telnet protocols implemented by the microprogramming software of the D-Link DSL6740C modem lies in the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute...

9CVSS5.9AI score0.01325EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/11/12 12:0 a.m.4 views

PT-2024-8519 · Fortinet · Fortimanager +2

Name of the Vulnerable Software and Affected Versions: Fortinet FortiManager versions 7.4.0 through 7.4.2 and before 7.2.5 Fortinet FortiAnalyzer versions 7.4.0 through 7.4.2 and before 7.2.5 Fortinet FortiAnalyzer-BigData before 7.4.0 Description: The issue is related to improper neutralization ...

6.8CVSS7.6AI score0.00608EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/11/08 12:0 a.m.7 views

The vulnerability of the httpProcDataSrv() function in TP-Link TL-WDR5620 router software allows a hacker to execute arbitrary code.

The vulnerability of the httpProcDataSrv function in TP-Link TL-WDR5620 router software exists because measures to neutralize the special elements used in the operating system commands have not been taken. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8CVSS6AI score0.00793EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/09/09 12:0 a.m.6 views

The vulnerability of D-Link DIR-846W router’s microprogramming software lies in the lack of measures to neutralize special elements used in the operating system commands. This allows attackers to execute arbitrary code.

The vulnerability of the D-Link DIR-846W router’s microprogramming software is related to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through the...

10CVSS6AI score0.02031EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/09/04 12:0 a.m.7 views

The vulnerability of the Go Getter library, related to the improper neutralization of special elements used in the command, allows a hacker to execute arbitrary code.

The vulnerability of the Go Getter library is related to the update of Git for the existing, maliciously modified Git configuration. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.4CVSS7.6AI score0.00973EPSS
Exploits0References4Affected Software2
RedHat Linux
RedHat Linux
added 2024/08/14 1:27 a.m.4 views

kernel: net/mlx5: Discard command completions in internal error

A use-after-free vulnerability has been discovered in the Linux kernel within the drivers/net/ethernet/mellanox/mlx5/core/cmd.c component, specifically related to the Mellanox network driver. This flaw can lead to compromised system availability. Successful exploitation could result in...

7.8CVSS6.8AI score0.00258EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/08 4:44 a.m.3 views

kernel: net/mlx5: Discard command completions in internal error

A use-after-free vulnerability has been discovered in the Linux kernel within the drivers/net/ethernet/mellanox/mlx5/core/cmd.c component, specifically related to the Mellanox network driver. This flaw can lead to compromised system availability. Successful exploitation could result in...

7.8CVSS6.8AI score0.00258EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/08/07 12:0 a.m.7 views

The vulnerability of the lib-src/etags.c file of the EMACS text editor’s etags component allows a hacker to execute arbitrary code.

The vulnerability of the lib-src/etags.c file of the EMACS text editor’s etags component is related to the improper elimination of special elements used in the OS command. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.9AI score0.01603EPSS
Exploits0References9Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/08/01 12:0 a.m.6 views

Vulnerability of the org-babel-execute function: latex() in the text editor EMACS, allowing an attacker to execute arbitrary code

The vulnerability of the org-babel-execute:latex function in the text editor EMACS is related to the improper elimination of special elements used in the command. Exploiting this vulnerability may allow an attacker to execute arbitrary code...

7.8CVSS7.5AI score0.00461EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/07/22 12:0 a.m.13 views

The vulnerability of the BuildClient function (client_service.go) in the CHAOS remote administration tool allows a hacker to execute arbitrary code.

The vulnerability of the BuildClient function in clientservice.go, a remote administration tool for CHAOS, exists due to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...

9CVSS8.1AI score0.80454EPSS
Exploits6References5Affected Software1
OSV
OSV
added 2024/07/11 4:15 p.m.5 views

CVE-2024-39524

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

8.5CVSS5.8AI score0.0025EPSS
Exploits0References1
CVE
CVE
added 2024/07/11 4:1 p.m.59 views

CVE-2024-39524

The CVE concerns Juniper Networks Junos OS Evolved CLI: an Improper Neutralization of Special Elements in CLI command option handling allows a local, authenticated user with LOW privileges to escalate to root, potentially compromising the entire system. Affected versions are: all before 20.4R3-S7...

8.5CVSS7.9AI score0.0025EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/07/11 4:0 p.m.60 views

CVE-2024-39523

CVE-2024-39523 is a local, authenticated-then-privilege-escalation issue in Juniper Networks Junos OS Evolved CLI handling of command options. A crafted parameter set can escalate to root on the shell, resulting in full compromise. Affected: Junos OS Evolved versions before 20.4R3-S7-EVO; 21.2-EV...

8.5CVSS7.9AI score0.0025EPSS
Exploits0References1Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:27 p.m.5 views

Malicious code in Be.Vlaanderen.Basisregisters.AggregateSoսrce.Testing.CommaոdHandling (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:27 p.m.4 views

Malicious code in Be.Vlaanderen.Basisregisters.AggregatеSoսrce.Testing.CommаոdHandling (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:25 p.m.3 views

Malicious code in Be.Vlaandеren.Basisregisters.CommandHanԁling.Idempotency (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Rows per page
Query Builder