Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

81 matches found

OSV
OSVadded 2026/05/19 3:21 p.m.2 views

GHSA-M7CR-M3PV-HGRP go-git: Improper single-quote escaping in go-git SSH transport

Impact go-git's SSH transport constructs the remote exec command by wrapping the repository path in single quotes without escaping single quotes embedded inside the path. This diverges from canonical Git, which shell-quotes the path through sqquotebuf so that an embedded ' becomes the '''...

2.3CVSS5.9AI score0.00018EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/05/08 12:0 a.m.4 views

Electerm 命令注入漏洞

Electerm is a SSH/SFTP client developed by ZXDong262 from China, based on Electron. Versions of Electerm prior to 3.3.8 contained a command injection vulnerability. This vulnerability stemmed from the runMac function, which directly appends the attacker-controlled releaseInfo.name to the exec...

9.8CVSS5.8AI score0.00194EPSS
Exploits0References1
RedHat Linux
RedHat Linuxadded 2026/04/06 3:28 a.m.2 views

crun: crun: Privilege escalation due to incorrect parsing of the `--user` option

A flaw was found in crun, an open-source OCI Container Runtime. A local user can exploit this vulnerability due to incorrect parsing of the --user option when using crun exec. The value 1 is misinterpreted as root privileges User ID 0 and Group ID 0 instead of the intended User ID 1 and Group ID ...

7.8CVSS5.8AI score0.00017EPSS
Exploits1References7
Snyk
Snykadded 2026/03/12 4:46 p.m.1 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection in the exec.Command function via the compressionalgorithm parameter in API calls to the image and backup endpoints. An attacker can execute arbitrary commands as the LXD daemon by sending specially crafted...

9.9CVSS6.1AI score0.00253EPSS
Exploits0References2
OSV
OSVadded 2026/01/09 2:54 p.m.2 views

CLSA-2026-1767970357 httpd: Fix of CVE-2025-58098

CVE-2025-58098: fix passes the shell-escaped query string to exec cmd="..." directives...

8.3CVSS5.8AI score0.00018EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:48 a.m.4 views

CVE-2022-31845

A vulnerability in livecheck.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function...

7.5CVSS6.5AI score0.53119EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:48 a.m.5 views

CVE-2022-31308

A vulnerability in livemfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows attackers to obtain sensitive router information via execution of the exec cmd function...

7.5CVSS6.5AI score0.00667EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/07 9:38 a.m.2 views

CVE-1999-0080

Certain configurations of wu-ftp FTP server 2.4 use a PATHEXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command...

10CVSS6.9AI score0.01463EPSS
Exploits0References1
RedHat Linux
RedHat Linuxadded 2026/01/06 9:28 p.m.3 views

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.3CVSS7.2AI score0.00018EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/01/06 12:0 a.m.5 views

RHEL 9 : httpd (RHSA-2026:0139)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0139 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: Serve...

8.3CVSS5.6AI score0.00018EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2026/01/05 2:1 a.m.3 views

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabilit...

8.3CVSS7.2AI score0.00048EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/01/05 12:0 a.m.1 views

RHEL 8 : httpd:2.4 (RHSA-2026:0010)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0010 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: modmd: Apache HTTP...

8.3CVSS5.7AI score0.00048EPSS
Exploits0References6
Tenable Nessus
Tenable Nessusadded 2025/12/23 12:0 a.m.2 views

Oracle Linux 10 : httpd (ELSA-2025-23932)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23932 advisory. - Resolves: RHEL-135052 - httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 - Resolves: RHEL-135035 -...

8.3CVSS5.6AI score0.00145EPSS
Exploits0References4
OSV
OSVadded 2025/12/09 11:38 a.m.2 views

BIT-APACHE-2025-58098 Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

8.3CVSS6.8AI score0.00018EPSS
Exploits0References3
AlpineLinux
AlpineLinuxadded 2025/12/05 1:40 p.m.7 views

CVE-2025-58098

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

8.3CVSS7AI score0.00018EPSS
Exploits0
Snyk
Snykadded 2025/12/02 6:36 a.m.1 views

Command Injection

Overview mcp-docker is a Model Context Protocol server for Docker management with AI assistants Affected versions of this package are vulnerable to Command Injection due to insufficient validation of list-format commands in the dockerexeccommand tool. The dockerexeccommand tool accepts a...

9.8CVSS7.3AI score
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-17093

Malware in sbrugna...

9.8CVSS9.2AI score0.00664EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2021-0518

Malware in sbrugna...

8.8CVSS8.6AI score0.01502EPSS
Exploits0References7
EUVD
EUVDadded 2025/10/07 12:30 a.m.0 views

EUVD-1999-0080

Malware in sbrugna...

10CVSS6.4AI score0.01463EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2021-15591

Malware in sbrugna...

9.8CVSS9.2AI score0.04578EPSS
Exploits1References4
Rows per page
Query Builder