70967 matches found

CNNVD
added 2026/04/20 12:0 a.m. | 8 views

Dell PowerProtect Data Domain (Dell PowerProtect DD) Security Vulnerability

Dell PowerProtect Data Domain is a set of hardware devices developed by the American company Dell, used for data protection, backup, storage, and de-duplication. There is a security vulnerability in Dell PowerProtect Data Domain, which stems from an operating system command injection issue. The...

7.2 CVSS | 5.8 AI score | 0.0147 EPSS
Exploits 0 | References 1

CNVD
added 2026/04/20 12:0 a.m. | 4 views

Dell PowerProtect Data Domain OS Command Injection Vulnerability (CNVD-2026-18581)

The Dell PowerProtect Data Domain is a data protection storage appliance that is primarily used for enterprise-class backup, archiving, and disaster recovery. An OS command injection vulnerability exists in Dell PowerProtect Data Domain. The vulnerability stems from a failure to properly neutrali...

6.7 CVSS | 5.9 AI score | 0.00571 EPSS
Exploits 0

CNVD
added 2026/04/20 12:0 a.m. | 2 views

Dell PowerProtect Data Domain Data Domain Operating System Command Injection Vulnerability (CNVD-2026-18584)

Dell PowerProtect Data Domain is a data protection storage device whose main function is to provide efficient data de-duplication, backup and recovery. A command injection vulnerability exists in Dell PowerProtect Data Domain. The vulnerability stems from a failure of the Data Domain Operating...

6.7 CVSS | 5.4 AI score | 0.00524 EPSS
Exploits 0

CNVD
added 2026/04/20 12:0 a.m. | 6 views

Dell PowerProtect Data Domain OS Command Injection Vulnerability

Dell PowerProtect Data Domain is a data protection and deduplication storage appliance. An operating system command injection vulnerability exists in Dell PowerProtect Data Domain. The vulnerability stems from a failure to properly neutralize a specific element used for OS command injection, whic...

6.7 CVSS | 5.9 AI score | 0.00571 EPSS
Exploits 0

CNNVD
added 2026/04/20 12:0 a.m. | 8 views

Dell PowerProtect Data Domain (Dell PowerProtect DD) Security Vulnerability

Dell PowerProtect Data Domain is a set of hardware devices developed by the American company Dell, used for data protection, backup, storage, and de-duplication. Vulnerabilities exist in versions 7.7.1.0 to 8.6 of Dell PowerProtect Data Domain, as well as in LTS2025 versions 8.3.1.0 to 8.3.1.20 a...

7.2 CVSS | 6.1 AI score | 0.01191 EPSS
Exploits 0 | References 1

EUVD
added 2026/04/19 9:31 p.m. | 6 views

EUVD-2026-23707

A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Interface. Executing a manipulation of the argument Source can lead to command injection. It is...

6.5 CVSS | 6.3 AI score | 0.01456 EPSS
Exploits 0 | References 5

NVD
added 2026/04/19 7:16 p.m. | 8 views

CVE-2026-6576

A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Interface. Executing a manipulation of the argument Source can lead to command injection. It is...

6.5 CVSS | 0.01456 EPSS
Exploits 0 | References 4

Cvelist
added 2026/04/19 7:0 p.m. | 34 views

CVE-2026-6576 liangliangyy DjangoBlog WeChat Bot commonapi.py CommandHandler command injection

A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Interface. Executing a manipulation of the argument Source can lead to command injection. It is...

6.5 CVSS | 0.01456 EPSS
Exploits 0 | References 4

Vulnrichment
added 2026/04/19 7:0 p.m. | 5 views

CVE-2026-6576 liangliangyy DjangoBlog WeChat Bot commonapi.py CommandHandler command injection

A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Interface. Executing a manipulation of the argument Source can lead to command injection. It is...

6.5 CVSS | 5.4 AI score | 0.01456 EPSS
Exploits 0 | References 4

ATTACKERKB
added 2026/04/19 7:0 p.m. | 4 views

CVE-2026-6576

A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Interface. Executing a manipulation of the argument Source can lead to command injection. It is...

6.5 CVSS | 5.4 AI score | 0.01456 EPSS
Exploits 0 | References 4 | Affected Software 1

CVE
added 2026/04/19 7:0 p.m. | 14 views

CVE-2026-6576

CVE-2026-6576 affects liangliangyy DjangoBlog (up to version 2.1.0.0) via the WeChat Bot Interface, specifically the servermanager/api/commonapi.py CommandHandler. The root cause is a vulnerability allowing manipulation of the Source argument to achieve command injection, with remote exploitation...

6.5 CVSS | 5.4 AI score | 0.01456 EPSS
Exploits 0 | References 4

CNNVD
added 2026/04/19 12:0 a.m. | 7 views

DjangoBlog Security Vulnerability

DjangoBlog is a blog system developed by liangliangyy using Django. Versions of DjangoBlog 2.1.0.0 and earlier had security vulnerabilities. These vulnerabilities were caused by improper handling of parameters in the file servermanager/api/commonapi.py, leading to command injection and potential...

6.5 CVSS | 6.6 AI score | 0.01456 EPSS
Exploits 0 | References 2

Positive Technologies
added 2026/04/19 12:0 a.m. | 10 views

PT-2026-33641

A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Interface. Executing a manipulation of the argument Source can lead to command injection. It is...

6.5 CVSS | 5.4 AI score | 0.01456 EPSS
Exploits 0 | References 5

GithubExploit
added 2026/04/18 8:30 p.m. | 264 views

Exploit for CVE-2026-4631

CVE-2026-4631 — Code Analysis Cockpit: Unauthenticated Rem...

9.8 CVSS | 6.1 AI score | 0.142 EPSS
Exploits 3

OSV
added 2026/04/18 12:1 p.m. | 5 views

RLSA-2026:8475 Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.116 and .NET Runtime...

7.5 CVSS | 6.3 AI score | 0.02279 EPSS
Exploits 0 | References 5

GithubExploit
added 2026/04/18 9:15 a.m. | 96 views

Exploit for CVE-2026-39808

🚨 FortiSandbox Root Sandbox Escape - CVE-2026-39808 ----...

9.8 CVSS | 6.9 AI score | 0.48668 EPSS
Exploits 6

OSV
added 2026/04/18 8:36 a.m. | 6 views

BIT-COMPOSER-2026-40261 Composer has Command Injection via Malicious Perforce Reference

Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::syncCodeBase method, which appends the $sourceReference parameter to a shell command without proper escaping, and additionally in the...

8.8 CVSS | 6.1 AI score | 0.01688 EPSS
Exploits 2 | References 3

OSV
added 2026/04/18 8:36 a.m. | 4 views

BIT-COMPOSER-2026-40176 Composer is vulnerable to Command Injection via Malicious Perforce Repository

Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::generateP4Command method, which constructs shell commands by interpolating user-supplied Perforce connection parameters port, user, client without...

7.8 CVSS | 6.2 AI score | 0.01065 EPSS
Exploits 4 | References 3

Veracode
added 2026/04/18 5:28 a.m. | 7 views

OS Command Injection

dolibarr/dolibarr is vulnerable to OS Command Injection. The vulnerability is due to improper validation and escaping of the MAINODTASPDF configuration input before passing it to the exec function, which allows an attacker to execute arbitrary operating system commands...

9.4 CVSS | 5.7 AI score | 0.00922 EPSS
Exploits 3 | References 3 | Affected Software 1

NVD
added 2026/04/18 2:16 a.m. | 4 views

CVE-2026-35582

Emissary is a P2P based data-driven workflow engine. In versions 8.42.0 and below, Executrix.getCommand is vulnerable to OS command injection because it interpolates temporary file paths into a /bin/sh -c shell command string without any escaping or input validation. The INFILEENDING and...

8.8 CVSS | 0.00861 EPSS
Exploits 1 | References 2