Lucene search
K

70984 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/17 4:33 a.m.3 views

CVE-2026-21719

An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command...

8.6CVSS7.2AI score0.01203EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/04/17 4:33 a.m.23 views

CVE-2026-21719

An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command...

8.6CVSS0.01203EPSS
Exploits0References2
CVE
CVE
added 2026/04/17 4:33 a.m.15 views

CVE-2026-21719

CubeCart CVE-2026-21719 affects versions prior to 6.6.0 and allows an admin to execute arbitrary OS commands via an OS command injection vulnerability. The issue arises in the administrative interface; upgrading to CubeCart 6.6.0 (or later) is the stated remediation. Exploitation details are not ...

8.6CVSS6AI score0.01203EPSS
Exploits0References2Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/04/17 4:32 a.m.8 views

Multiple vulnerabilities in CubeCart

Overview CubeCart provided by CubeCart Limited contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2026-21719 SQL injection CWE-89 - CVE-2026-34018 Path traversal CWE-22 - CVE-2026-35496 Gen Sato of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities...

9.8CVSS6.7AI score0.01203EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.3 views

PT-2026-33408

An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command...

8.6CVSS7.3AI score0.01203EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.10 views

Anviz CX2 Lite 安全漏洞

The Anviz CX2 Lite is an intelligent terminal device from the American company Anviz, featuring integrated face recognition and access control functions. The Anviz CX2 Lite has a security vulnerability, which stems from command injection via the filename parameter used for authentication. This...

8.8CVSS6AI score0.01787EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.6 views

PT-2026-33437

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7.0.0 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.20 Dell PowerProtect Data Domain versions 7.13.1.0 through 7.13.1.60 Description Improper neutralization of special...

6.7CVSS6.1AI score0.00571EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.14 views

PT-2026-33515

radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj command path where crafted ELF binaries can embed malicious r2 command sequences as DWARF DW TAG formal parameter names. Attackers can craft a binary with shell commands in DWARF parameter names that...

8.5CVSS6.2AI score0.00915EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.6 views

PT-2026-33429

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain with Data Domain Operating System DD OS versions 7.7.1.0 through 8.5 Dell PowerProtect Data Domain with Data Domain Operating System DD OS versions 8.3.1.0 through 8.3.1.20 Dell PowerProtect Data Domain with Data...

7.2CVSS5.7AI score0.0114EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.7 views

PT-2026-33504

Name of the Vulnerable Software and Affected Versions Dolibarr versions prior to 23.0.0 Description Dolibarr is an enterprise resource planning ERP and customer relationship management CRM software package. An authenticated administrator can achieve remote code execution as the web server user by...

9.4CVSS6.5AI score0.00922EPSS
Exploits3References14
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.8 views

Dell PowerProtect Data Domain 安全漏洞

Dell PowerProtect Data Domain is a data protection specialized storage device whose main function is to provide efficient data de-duplication, backup and recovery. A command injection vulnerability exists in Dell PowerProtect Data Domain. The vulnerability stems from a failure of the Data Domain...

7.2CVSS5.8AI score0.0114EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.8 views

Dell PowerProtect Data Domain(Dell PowerProtect DD) 安全漏洞

Dell PowerProtect Data Domain is a data protection and backup storage product for enterprise-class data backup, deduplication and disaster recovery. An operating system command injection vulnerability exists in Dell PowerProtect Data Domain. The vulnerability stems from a failure to properly hand...

6.7CVSS6.1AI score0.00571EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.9 views

Dell PowerProtect Data Domain(Dell PowerProtect DD) 安全漏洞

The Dell PowerProtect Data Domain is a data protection storage appliance that is primarily used for enterprise-class backup, archiving, and disaster recovery. An OS command injection vulnerability exists in Dell PowerProtect Data Domain. The vulnerability stems from a failure to properly neutrali...

6.7CVSS6.1AI score0.00571EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.4 views

PT-2026-33436

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7.0.0 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.20 Dell PowerProtect Data Domain versions 7.13.1.0 through 7.13.1.60 Description Improper neutralization of special...

6.7CVSS6.2AI score0.00571EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.6 views

PT-2026-33433

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a command injection vulnerability. A high privileged attacker with...

6.7CVSS5.8AI score0.00524EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.40 views

Radare2 安全漏洞

Radare2 is an open-source reverse framework for Unix geeks developed by Radare. Previous versions of Radare2, up to bc5a890, contained security vulnerabilities. These vulnerabilities stemmed from command injection in the afsv/afsvj command path. A specially crafted ELF binary could embed maliciou...

8.5CVSS6AI score0.00915EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.8 views

CubeCart 安全漏洞

CubeCart is an open-source e-commerce software developed by CubeCart. Versions of CubeCart prior to 6.6.0 contained security vulnerabilities. These vulnerabilities stemmed from OS command injection, which could allow users with administrative privileges to execute arbitrary OS commands...

8.6CVSS7.3AI score0.01203EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.11 views

WAVLINK WL-WN530H4 安全漏洞

The WAVLINK WL-WN530H4 is a high-performance USB wireless network card from the WAVLINK company. It supports 802.11ac dual-band Wi-Fi. The Wavlink WL-WN530H4 version 20220721 has a security vulnerability. This vulnerability stems from the use of os command injection in the function strcat/snprint...

8.6CVSS7.1AI score0.14131EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.9 views

PT-2026-33438

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7.0.0 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.20 Dell PowerProtect Data Domain versions 7.13.1.0 through 7.13.1.60 Description Improper neutralization of special...

6.7CVSS6AI score0.00571EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.7 views

Dell PowerProtect Data Domain(Dell PowerProtect DD) 安全漏洞

Dell PowerProtect Data Domain is a data protection storage device whose main function is to provide efficient data de-duplication, backup and recovery. A command injection vulnerability exists in Dell PowerProtect Data Domain. The vulnerability stems from a failure of the Data Domain Operating...

6.7CVSS5.8AI score0.00524EPSS
Exploits0References1
Rows per page
Query Builder