Lucene search
+L

1885 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:2 a.m.9 views

CVE-2023-25805

versionn, software for changing version information across multiple files, has a command injection vulnerability in all versions prior to version 1.1.0. This issue is patched in version 1.1.0...

9.8CVSS6.9AI score0.01584EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:54 a.m.7 views

CVE-2021-41116

Composer is an open source dependency manager for the PHP language. In affected versions windows users running Composer to install untrusted dependencies are subject to command injection and should upgrade their composer version. Other OSs and WSL are not affected. The issue has been resolved in...

9.8CVSS7.3AI score0.02904EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:50 a.m.14 views

CVE-2021-31854

A command Injection Vulnerability in McAfee Agent MA for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAfee Agent deployment feature located in the...

9.3CVSS7.7AI score0.01016EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:33 a.m.11 views

CVE-2024-39759

Multiple OS command injection vulnerabilities exist in the login.cgi setsysinit functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger these vulnerabilities.A comman...

10CVSS8.1AI score0.08168EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:49 a.m.11 views

CVE-2022-27411

TOTOLINK N600R v5.3c.5507B20171031 was discovered to contain a command injection vulnerability via the QUERYSTRING parameter in the "Main" function...

10CVSS7.9AI score0.02451EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:49 a.m.8 views

CVE-2022-27082

Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /goform/SetInternetLanInfo...

10CVSS8AI score0.02728EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:48 a.m.7 views

CVE-2022-27083

Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /cgi-bin/uploadAccessCodePic...

10CVSS8AI score0.02871EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:27 a.m.7 views

CVE-2019-12771

Command injection is possible in ThinStation through 6.1.1 via shell metacharacters after the cgi-bin/CdControl.cgi action= substring, or after the cgi-bin/VolControl.cgi OK= substring...

9.8CVSS7.4AI score0.02759EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:27 a.m.15 views

CVE-2019-12272

In OpenWrt LuCI through 0.10, the endpoints admin/status/realtime/bandwidthstatus and admin/status/realtime/wirelessstatus of the web application are affected by a command injection vulnerability...

9.8CVSS7.4AI score0.07369EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:10 a.m.9 views

CVE-2019-12091

The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\SYSTEM privilege, accepts network connections from localhost. The connection handling function in this service suffers from command injection vulnerability. Local users can use this vulnerability to...

7.8CVSS7.8AI score0.00921EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/12 12:7 p.m.4 views

CVE-2025-64991

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-PatchInsights-Deploy instruction prior V15. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote...

7.2CVSS8AI score0.00771EPSS
Exploits0References1
OSV
OSV
added 2025/12/11 6:16 p.m.12 views

CVE-2025-56086

OS Command Injection vulnerability in Ruijie RG-EW1200 EW3.01B11P227EW120011130208RG-EW1200 V1.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...

8.8CVSS6.1AI score0.02729EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.5 views

PT-2025-50676

Name of the Vulnerable Software and Affected Versions Ruijie RG-BCR RG-BCR600W affected versions not specified Description An issue exists in Ruijie RG-BCR RG-BCR600W that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the submit wifi function...

8.8CVSS7AI score0.02108EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/12/11 12:0 a.m.29 views

CVE-2025-56091

OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226EW1800GX10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...

0.02729EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.7 views

PT-2025-50114

Name of the Vulnerable Software and Affected Versions Fortinet FortiSandbox versions 4.0 all versions Fortinet FortiSandbox versions 4.2 all versions Fortinet FortiSandbox versions 4.4.0 through 4.4.7 Fortinet FortiSandbox versions 5.0.0 through 5.0.2 Description The Fortinet FortiSandbox softwar...

8.8CVSS6.9AI score0.15797EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2025/12/08 12:0 a.m.2 views

CVE-2025-65363

Authenticated append-style command-injection Ruijie APs APRGOS 11.1.x allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the webaction.do endpoint...

6.8AI score0.05945EPSS
Exploits0References2
CNVD
CNVD
added 2025/11/20 12:0 a.m.6 views

Dell SmartFabric OS10 Software Command Injection Vulnerability (CNVD-2025-29162)

Dell SmartFabric OS10 Software is a Debian Linux-based operating system from Dell, USA. Dell SmartFabric OS10 Software suffers from a command injection vulnerability that originates from improper neutralization of special elements in commands, which can be exploited by an attacker to cause comman...

8.8CVSS7.8AI score0.0126EPSS
Exploits0References1
OSV
OSV
added 2025/10/21 7:21 p.m.4 views

CVE-2025-56799

Reolink desktop application 8.18.12 contains a command injection vulnerability in its scheduled cache-clearing mechanism via a crafted folder name. NOTE: this is disputed by the Supplier because a crafted folder name would arise only if the local user were attacking himself...

6.5CVSS5.8AI score0.01219EPSS
Exploits2References2
Cvelist
Cvelist
added 2025/10/21 12:23 a.m.20 views

CVE-2025-6542 OS command injection in multiple parameters

An arbitrary OS command may be executed on the product by a remote unauthenticated attacker...

9.3CVSS0.00947EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/10/07 6:2 p.m.9 views

CVE-2025-43906

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralizatio...

6.7CVSS0.00612EPSS
Exploits0References1
Rows per page
Query Builder