Lucene search
K

71060 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/15 2:5 a.m.3 views

CVE-2026-40499

radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted...

8.4CVSS6.1AI score0.01184EPSS
Exploits1References7
AlpineLinux
AlpineLinux
added 2026/04/15 2:5 a.m.6 views

CVE-2026-40499

radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted...

8.4CVSS6.1AI score0.01184EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/04/15 2:5 a.m.33 views

CVE-2026-40499 radare2 < 6.1.4 Command Injection via PDB Parser print_gvars()

radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted...

8.4CVSS0.01184EPSS
Exploits1References4
CVE
CVE
added 2026/04/15 2:5 a.m.13 views

CVE-2026-40499

Radare2

8.4CVSS6.1AI score0.01184EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/04/15 2:5 a.m.7 views

EUVD-2026-22826

radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted...

8.4CVSS6.1AI score0.01184EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/04/15 2:5 a.m.2 views

CVE-2026-40499 radare2 < 6.1.4 Command Injection via PDB Parser print_gvars()

radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted...

8.4CVSS6.1AI score0.01184EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2026/04/15 2:5 a.m.5 views

CVE-2026-40499

radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted...

8.4CVSS5.8AI score0.01184EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/04/15 1:22 a.m.7 views

CVE-2026-6139

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The...

10CVSS7AI score0.01823EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/15 1:22 a.m.7 views

CVE-2026-6219

A vulnerability was determined in aandrew-me ytDownloader up to 3.20.2. This affects the function childprocess.exec of the file src/compressor.js of the component Compressor Feature. This manipulation causes command injection. The attack can only be executed locally. The exploit has been publicly...

5.3CVSS5.7AI score0.00683EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.8 views

Composer 安全漏洞

Composer is an open-source application developed by Composer. It provides a tool for declaring, managing, and installing dependencies of PHP projects. Versions of Composer from 1.0 to 2.2.26, as well as from 2.3 to 2.9.5, have security vulnerabilities. These vulnerabilities stem from command...

8.8CVSS6.1AI score0.01688EPSS
Exploits2References2
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.8 views

Composer 安全漏洞

Composer is an open-source application developed by Composer. It provides a tool for declaring, managing, and installing dependencies of PHP projects. Versions 1.0 to 2.2.26, as well as 2.3 to 2.9.5 of Composer, have security vulnerabilities. These vulnerabilities stem from a command injection...

7.8CVSS6.1AI score0.01065EPSS
Exploits4References2
CVE
CVE
added 2026/04/15 12:0 a.m.7 views

CVE-2024-53412

CVE-2024-53412 describes a command injection in the i/o of NietThijmen ShoppingCart 0.0.2, specifically in the connect function where user-supplied input in the Port field enables arbitrary shell commands and potential remote code execution. The public documentation identifies the vulnerability a...

8.4CVSS6.6AI score0.00558EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/15 12:0 a.m.3 views

CVE-2024-53412

Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field...

8.4CVSS6.6AI score0.00558EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2026/04/15 12:0 a.m.11 views

vim security update

8.2.2637-23.0.1.el97.2 - Remove upstream references Orabug: 31197557 2:8.2.2637-23.2 - RHEL-155437 CVE-2026-28417 vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin - RHEL-155422 CVE-2026-28421 vim: Vim: Denial of service and information disclosure via crafted swap fi...

7.8CVSS6.2AI score0.01162EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2026/04/15 12:0 a.m.6 views

CVE-2026-40499

radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted...

8.4CVSS5.8AI score0.01184EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/04/15 12:0 a.m.4 views

CVE-2024-53412

Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field...

6.6AI score0.00558EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.13 views

PT-2026-33002

radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's print gvars function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted...

8.4CVSS6.1AI score0.01184EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/04/15 12:0 a.m.22 views

CVE-2024-53412

Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field...

0.00558EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.8 views

PT-2026-33062

Name of the Vulnerable Software and Affected Versions NietThijmen ShoppingCart version 0.0.2 Description Command injection in the connect function allows an attacker to execute arbitrary shell commands and achieve remote code execution by injecting malicious payloads into the Port field...

8.4CVSS6.8AI score0.00558EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.9 views

PT-2026-33086

A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...

6CVSS5.8AI score0.00533EPSS
Exploits0References3
Rows per page
Query Builder