Lucene search
K

34 matches found

NVD
NVD
added 2026/07/01 5:16 p.m.5 views

CVE-2026-34115

Guardian language-system passes the id GET parameter directly into a PHP exec call in transcribeamazon.php line 15 without sanitization: exec"php jobs/transcribeamazon.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS0.00537EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/01 4:23 p.m.5 views

CVE-2026-34116

Guardian language-system passes the id GET parameter directly into a PHP exec call in transcribe.php line 15 without sanitization: exec"php jobs/transcribe.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS6.1AI score0.00549EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 4:20 p.m.12 views

CVE-2026-34111

CVE-2026-34111 : Guardian Language-System vulnerability where speechmac_text.php passes $_GET['id'] directly into an exec() call, enabling unauthenticated remote command execution via shell metacharacters. Affects the Guardian Language-System component (speech_text path) and is scored CRITICAL (C...

9.8CVSS6.1AI score0.00549EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 4:19 p.m.8 views

EUVD-2026-41068

Guardian language-system passes the id GET parameter directly into a PHP exec call in complexstart.php line 14 without sanitization: exec"php jobs/complex.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell metacharacters...

9.8CVSS6.1AI score0.00549EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 4:17 p.m.8 views

EUVD-2026-41066

Guardian language-system passes the id GET parameter directly into a PHP exec call in text.php line 15 without sanitization: exec"php jobs/text.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute...

9.8CVSS6.1AI score0.00549EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/11 9:13 p.m.6 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition via the exec process. An attacker can execute unauthorized commands by bypassing intended allowlist validation using combined shell options...

8.8CVSS6AI score0.00419EPSS
Exploits0References2
NVD
NVD
added 2026/05/04 12:16 a.m.8 views

CVE-2026-7711

A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byomhandler/procwrapper.py of the component Engine Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit ha...

7.5CVSS0.00284EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/21 12:0 a.m.4 views

PT-2026-26885

A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. Affected is the function exec of the file /src/vanna/legacy. Such manipulation leads to injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early...

6.5CVSS6.2AI score0.00232EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/01/09 8:56 a.m.7 views

CVE-2023-40582

find-exec is a utility to discover available shell commands. Versions prior to 1.0.3 did not properly escape user input and are vulnerable to Command Injection via an attacker controlled parameter. As a result, attackers may run malicious shell commands in the context of the running process. This...

9.8CVSS7.2AI score0.01489EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/11/24 4:24 p.m.7 views

@abtnode/blocklet-services (>=1.16.6 <=1.17.13-beta-20260512-042419-7b556a38), @abtnode/cli (>=1.0.0 <=1.16.34-beta-20241113-102431-65542b84) +446 more potentially affected by unknown CVE via shell-exec (>=1.0.2 <=1.1.2)

shell-exec NPM version =1.0.2, =1.16.6, =1.0.0, =1.16.6, =1.0.0, =0.3.35, =1.5.0, =0.0.0-beta.0, =0.0.0, =2.49.0, =1.0.0, =2.0.0-0, =2.0.0-0, =1.0.16, =1.0.0, =1.2.1, =1.3.16 and more Source cves: unknown CVE Source advisory: SNYK:JS-SHELLEXEC-14103722...

5.7AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-4772

Malware in sbrugna...

3.6CVSS6.4AI score0.00334EPSS
Exploits0References5
Snyk
Snyk
added 2025/04/01 6:31 a.m.2 views

Remote Code Execution (RCE)

Overview mcpadapt is an Adapt MCP servers to many agentic framework. Affected versions of this package are vulnerable to Remote Code Execution RCE due to unsanitized input in the SmolAgentsAdapter where untrusted MCP server responses are interpolated into a dynamic Python class via an exec call...

9.8CVSS7.4AI score
Exploits0References3
vulnersOsv
vulnersOsv
added 2025/01/29 12:31 a.m.5 views

ai.chronon:flink_2.12 (>=0.0.62 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91), ai.chronon:online_2.12 (>=0.0.25 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +555 more potentially affected by CVE-2024-29869 via org.apache.hive:hive-exec (>=0.8.0 <=4.0.0)

org.apache.hive:hive-exec MAVEN version =0.8.0, =0.0.62, =0.0.25, =0.0.25, =0.0.86, =0.0.86, =0.0.8, =0.0.6, =3.18.0.9, =6.5.0, =1.5.8, =0.2.7, =1.3.3, =1.4.0, =1.0.0, =2.0.0, =3.1.0 and more Source cves: CVE-2024-29869 Source advisory: OSV:GHSA-C476-J253-5RGQ...

5.5CVSS6AI score0.00274EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/12/05 12:31 p.m.11 views

org.apache.hive.hcatalog:hive-hcatalog-core (=4.0.0-alpha-1), org.apache.hive.hcatalog:hive-hcatalog-pig-adapter (=4.0.0-alpha-1) +18 more potentially affected by CVE-2022-41137 via org.apache.hive:hive-exec (=4.0.0-alpha-1)

org.apache.hive:hive-exec MAVEN version =4.0.0-alpha-1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hive:hive-exec and may be impacted: - org.apache.hive.hcatalog:hive-hcatalog-core =4.0.0-alpha-1 -...

8.3CVSS7.2AI score0.01656EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/10/21 6:54 p.m.11 views

CVE-2024-50010 exec: don't WARN for racy path_noexec check

In the Linux kernel, the following vulnerability has been resolved: exec: don't WARN for racy pathnoexec check Both imode and noexec checks wrapped in WARNON stem from an artifact of the previous implementation. They used to legitimately check for the condition, but that got moved up in two...

7.1AI score0.00236EPSS
Exploits0References5
CVE
CVE
added 2024/10/21 6:54 p.m.134 views

CVE-2024-50010

CVE-2024-50010 affects the Linux kernel’s exec path checks. The issue is a race in the path_noexec (and i_mode) checks that led to spurious WARN_ON warnings when noexec is toggled, rather than a real permission failure. The fix removes the redundant path_noexec WARN and updates commentary; no exp...

4.7CVSS6.7AI score0.00236EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2024/08/22 8:15 p.m.9 views

PYSEC-2024-192

An issue was discovered in llamaindex before 0.10.38. download/integration.py includes an exec call for import clsname...

8.8CVSS7AI score0.00528EPSS
Exploits0References2Affected Software1
Microsoft CVE
Microsoft CVE
added 2024/02/13 8:0 a.m.45 views

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

...

8.8CVSS7.3AI score0.01484EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/08/30 8:8 p.m.4 views

@gov.au/pancake (>=0.0.6 <=0.0.10), agile-alarm (>=0.0.1 <=0.0.2) +32 more potentially affected by CVE-2023-40582 via find-exec (>=0.0.3 <=1.0.2)

find-exec NPM version =0.0.3, =0.0.6, =0.0.1, =1.3.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =2.0.0, =0.1.0, =0.1.0, =1.4.0, =1.4.9 and more Source cves: CVE-2023-40582 Source advisory: OSV:GHSA-95RP-6GQP-6622...

9.8CVSS7.2AI score0.01489EPSS
Exploits0
Debian
Debian
added 2022/10/23 6:38 p.m.28 views

[SECURITY] [DSA 5260-1] lava security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5260-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 23, 2022 https://www.debian.org/security/faq -...

8.8CVSS8.5AI score0.01259EPSS
Exploits1
Rows per page
Query Builder