9 matches found

Veracode
added 2025/08/25 8:59 a.m., 1 view

Command Injection

mcp-package-docs is vulnerable to command injection. The vulnerability is due to unsanitized input passed to child_process.exec, which allows an attacker to inject arbitrary system commands and achieve remote code execution under the server process's privileges...

CVSS 7.5, AI score 8.7, EPSS 0.00708
Exploits 0, References 5, Affected Software 1
OSV
added 2024/12/11 7:12 p.m., 7 views

CVE-2024-47606 GHSL-2024-166: GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

CVSS 8.6, AI score 8.2, EPSS 0.00724
Exploits 0, References 8
CNNVD
added 2023/09/10 12:00 a.m., 1 view

Online Tours & Travels Management System SQL Injection Vulnerability

Online Tours & Travels Management System is an online travel management system by individual developer Mayuri K. A SQL injection vulnerability exists in Online Tours & Travels Management System, which can be exploited via the id parameter of the exec function on the booking.php page...

CVSS 9.8, AI score 8.1, EPSS 0.00035
Exploits 1, References 4
CNNVD
added 2023/01/16 12:00 a.m., 1 view

githuis P2Manage SQL Injection Vulnerability

P2Manage is company management software by individual developer Daniel van Bolhuis. A SQL injection vulnerability exists in githuis P2Manage, which stems from a security issue in the execution function of the file PTwoManage/Database.cs, leading to SQL injection...

CVSS 9.8, AI score 6.7, EPSS 0.00297
Exploits 0, References 4
Debian CVE
added 2021/09/20 3:27 p.m., 15 views

CVE-2021-39579

Removed by vendor...

CVSS 7.8, AI score 7.7, EPSS 0.00451
Exploits 1
OSV
added 2021/04/18 7:15 p.m., 0 views

CVE-2021-23374

This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization...

CVSS 9.8, AI score 7.5, EPSS 0.00806
Exploits 1, References 2
OSV
added 2021/04/13 3:22 p.m., 1 view

GHSA-HMW2-MVVH-JF5J OS Command Injection in enpeem

enpeem through 2.2.0 allows execution of arbitrary commands. The "options.dir" argument is provided to the "exec" function without any sanitization...

CVSS 9.8, AI score 6.2, EPSS 0.00578
Exploits 1, References 3
OSV
added 2021/04/13 3:22 p.m., 0 views

GHSA-3FW4-4H3M-892H OS Command Injection in serial-number

serial-number through 1.3.0 allows execution of arbitrary commands. The "cmdPrefix" argument in serialNumber function is used by the "exec" function without any validation...

CVSS 9.8, AI score 6, EPSS 0.00578
Exploits 1, References 3
OSV
added 2020/01/08 4:15 p.m., 1 view

CVE-2019-10778

devcert-sanscache before 0.4.7 allows remote attackers to execute arbitrary code or cause a Command Injection via the exec function. The variable commonName controlled by user input is used as part of the exec function without any sanitization...

CVSS 9.8, AI score 7.6
Exploits 0, References 1