Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2007-4154

Malware in sbrugna...

10CVSS6.4AI score0.0215EPSS
Exploits0References4
OSV
OSVadded 2023/08/15 6:31 p.m.0 views

GHSA-2XXC-73FV-36F7 llama-index vulnerable to arbitrary code execution

An issue in llamaindex v.0.7.13 and before allows a remote attacker to execute arbitrary code via the exec parameter in PandasQueryEngine function...

9.8CVSS6.2AI score0.01233EPSS
Exploits1References6
ATTACKERKB
ATTACKERKBadded 2023/08/15 5:15 p.m.3 views

CVE-2023-39662

An issue in llamaindex v.0.7.13 and before allows a remote attacker to execute arbitrary code via the exec parameter in PandasQueryEngine function...

9.8CVSS6.2AI score0.01233EPSS
Exploits1References2
PyPA
PyPAadded 2023/08/15 5:15 p.m.6 views

PYSEC-2023-148

An issue in llamaindex v.0.7.13 and before allows a remote attacker to execute arbitrary code via the exec parameter in PandasQueryEngine function...

9.8CVSS8.1AI score0.01233EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologiesadded 2023/08/15 12:0 a.m.4 views

PT-2023-27061

Name of the Vulnerable Software and Affected Versions llama index versions 0.7.13 and earlier Description An issue in llama index allows a remote attacker to execute arbitrary code via the exec parameter in the PandasQueryEngine function. This enables the attacker to perform unauthorized actions ...

9.8CVSS6AI score0.01233EPSS
Exploits1References13
Positive Technologies
Positive Technologiesadded 2022/04/10 12:0 a.m.4 views

PT-2022-18354 · Inhand Networks · Inrouter 900 Industrial 4G Router

Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 900 Industrial 4G Router versions prior to 1.0.0.r11700 Description: The issue is related to a stored cross-site scripting XSS vulnerability. This vulnerability can be exploited via the web exec parameter at the...

5.4CVSS5.1AI score0.0055EPSS
Exploits0References4
CNNVD
CNNVDadded 2021/08/09 12:0 a.m.3 views

rConfig 操作系统命令注入漏洞

rConfig is an open source network configuration management utility program. An operating system command injection vulnerability exists in rConfig version 3.9.5, which stems from the rConfig path parameter being passed directly to the exec function without being escaped. The vulnerability can be...

9.8CVSS8.3AI score0.05718EPSS
Exploits1References2
OSV
OSVadded 2021/07/22 7:15 p.m.2 views

CVE-2021-31580

The restricted shell provided by Akkadian Provisioning Manager Engine PME can be bypassed by switching the OpenSSH channel from shell to exec and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning...

9.8CVSS5.9AI score0.03023EPSS
Exploits1References1
OSV
OSVadded 2021/04/13 3:17 p.m.1 views

GHSA-R9VM-RHMF-7HXX OS Command Injection in im-resize

im-resize through 2.3.2 allows remote attackers to execute arbitrary commands via the "exec" argument. The cmd argument used within index.js, can be controlled by user without any sanitization...

9.8CVSS6.2AI score0.03799EPSS
Exploits1References3
Rows per page
Query Builder