Lucene search
K

12426 matches found

Cvelist
Cvelist
added 2026/02/11 2:56 p.m.26 views

CVE-2019-25309 Zilab Remote Console Server 3.2.9 - 'Zilab Remote Console Server' Unquoted Service Path

Zilab Remote Console Server 3.2.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that wil...

8.5CVSS0.0015EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/11 2:16 p.m.4 views

CVE-2026-2249

METIS DFS devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in the compromise of the...

9.8CVSS6.1AI score0.00514EPSS
Exploits1References2
CVE
CVE
added 2026/02/11 2:16 p.m.28 views

CVE-2026-2249

METIS DFS devices expose an unauthenticated web-based shell at /console, allowing remote command execution with daemon privileges on affected versions (

9.8CVSS6.1AI score0.00514EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/11 2:16 p.m.5 views

CVE-2026-2249 Unauthenticated Remote Command Execution via Web Console in METIS DFS

METIS DFS devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in the compromise of the...

9.8CVSS6.1AI score0.00514EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/11 2:16 p.m.27 views

CVE-2026-2249 Unauthenticated Remote Command Execution via Web Console in METIS DFS

METIS DFS devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in the compromise of the...

9.8CVSS0.00514EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/11 2:15 p.m.25 views

CVE-2026-2248 Unauthenticated Remote Root Shell Access via Web Console in METIS WIC

METIS WIC devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root UID 0 privileges. This results in full system compromis...

9.8CVSS0.00514EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/11 2:15 p.m.3 views

CVE-2026-2248

METIS WIC devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root UID 0 privileges. This results in full system compromis...

9.8CVSS6.1AI score0.00514EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/11 2:15 p.m.4 views

CVE-2026-2248 Unauthenticated Remote Root Shell Access via Web Console in METIS WIC

METIS WIC devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root UID 0 privileges. This results in full system compromis...

9.8CVSS6.1AI score0.00514EPSS
Exploits0References1
CVE
CVE
added 2026/02/11 2:15 p.m.13 views

CVE-2026-2248

CVE-2026-2248 affects METIS WIC devices (versions

9.8CVSS6.1AI score0.00514EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/11 1:33 a.m.5 views

CVE-2026-25813

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The application logs highly sensitive data directly to console output without masking or redaction...

8.7CVSS5.5AI score0.00256EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.5 views

METIS WIC 安全漏洞

METIS WIC is a window interface configuration software for infrared thermometers developed by the Greek company METIS. Versions of METIS WIC 2.1.234-r18 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the /console endpoint, which exposed a web-based shell that...

9.8CVSS6.1AI score0.00514EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.8 views

Zilab Remote Console Server 代码问题漏洞

Zilab Remote Console Server is a series of serial port servers developed by the German company Zilab. Version 3.2.9 of Zilab Remote Console Server contains a code vulnerability caused by an unquoted service path. This vulnerability could allow local attackers to execute arbitrary code with elevat...

8.5CVSS6.2AI score0.0015EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.6 views

METIS DFS 安全漏洞

METIS DFS is a data processing software developed by the Greek company METIS. Versions of METIS DFS 2.1.234-r18 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the /console endpoint, which exposed a web-based shell without authentication requirements. This could...

9.8CVSS6.1AI score0.00514EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.5 views

PT-2026-7597

METIS WIC devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root UID 0 privileges. This results in full system compromis...

9.8CVSS6.1AI score0.00514EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.7 views

PT-2026-7604

Zilab Remote Console Server 3.2.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that wil...

8.5CVSS6AI score0.0015EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.9 views

PT-2026-7598

METIS DFS devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in the compromise of the...

9.8CVSS6.1AI score0.00514EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/10 3:4 a.m.4 views

CVE-2026-24325 Cross Site Scripting (XSS) vulnerability in SAP BusinessObjects Enterprise (Central Management Console)

SAP BusinessObjects Enterprise does not sufficiently encode user-controlled inputs, leading to Stored Cross-Site Scripting XSS vulnerability. This enables an admin user to inject malicious JavaScript into a website and the injected script gets executed when the user visits the compromised page.Th...

4.8CVSS5.5AI score0.00185EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/10 3:4 a.m.30 views

CVE-2026-24325 Cross Site Scripting (XSS) vulnerability in SAP BusinessObjects Enterprise (Central Management Console)

SAP BusinessObjects Enterprise does not sufficiently encode user-controlled inputs, leading to Stored Cross-Site Scripting XSS vulnerability. This enables an admin user to inject malicious JavaScript into a website and the injected script gets executed when the user visits the compromised page.Th...

4.8CVSS0.00185EPSS
Exploits0References2
Fedora
Fedora
added 2026/02/10 1:34 a.m.6 views

[SECURITY] Fedora 43 Update: tuigreet-0.9.1-7.fc43

Graphical console greeter for greetd...

7.5CVSS5.4AI score0.00443EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/02/09 11:40 p.m.14 views

Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.14.0 release.

Red Hat Web Terminal Operator 1.14.0 has been released. The Web Terminal provides a way to access a fully in-browser terminal emulator within the OpenShift Console. Command-line tools for interacting with the OpenShift cluster are pre-installed...

7.5CVSS6.6AI score0.00459EPSS
Exploits2References2
Rows per page
Query Builder