Lucene search

4205 matches found

CNNVD
added 2025/12/15 12:00 a.m. | 6 views

FNT Command Security Vulnerability

FNT Command is a data center infrastructure management platform from FNT Germany. A security vulnerability exists in FNT Command version 13.4.0, which stems from a code execution vulnerability in the C Base Module...

8.8 CVSS | 7.5 AI score | 0.0035 EPSS
Exploits 0 | References 3
CNVD
added 2025/12/12 12:00 a.m. | 4 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-30657)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

7.8 CVSS | 8.1 AI score | 0.00596 EPSS
Exploits 0 | References 1
Vulnrichment
added 2025/12/11 12:00 a.m. | 4 views

CVE-2025-65471

An arbitrary file upload vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via uploading a crafted PHP file...

7.5 AI score | 0.0045 EPSS
Exploits 1 | References 2
CNNVD
added 2025/12/11 12:00 a.m. | 10 views

xbtitFM Code Issue Vulnerability

xbtitFM is a BitTorrent tracker software by the individual developer of xbtitFM. A code issue vulnerability exists in xbtitFM version 4.1.18, which stems from an insecure file upload in the filehosting function that could lead to the execution of arbitrary PHP code...

8.6 CVSS | 7.3 AI score | 0.00524 EPSS
Exploits 1 | References 3
Tenable Nessus
added 2025/12/05 12:00 a.m. | 3 views

Dell PowerScale OneFS 8.2.2 <= 9.5.0.8 / 9.6.0.0 <= 9.7.0.2 Escalation of Privileges (DSA-2024-255)

The Dell PowerScale OneFS on the remote device is missing a security patch and is, therefore, affected by escalation of privileges vulnerability: - Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.2 contain an execution with unnecessary privileges vulnerability. A local low privileged attacke...

7.8 CVSS | 5.8 AI score | 0.00159 EPSS
Exploits 0 | References 2
CNNVD
added 2025/11/26 12:00 a.m. | 2 views

Zenitel TCIV-3+ Cross-Site Scripting Vulnerability

Zenitel TCIV-3+ is an IP intercom terminal from Zenitel Norway. The Zenitel TCIV-3+ suffers from a cross-site scripting vulnerability that stems from reflective cross-site scripting, which could lead to a remote attacker executing arbitrary JavaScript in the victim's browser...

9.8 CVSS | 6.1 AI score | 0.00865 EPSS
Exploits 0 | References 4
Tenable Nessus
added 2025/11/20 12:00 a.m. | 5 views

TencentOS Server 3: .NET 6.0 (TSSA-2023:0179)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0179 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5 CVSS | 7.9 AI score | 0.02627 EPSS
Exploits 0 | References 6
CVE
added 2025/11/19 5:35 p.m. | 31 views

CVE-2025-65099

CVE-2025-65099 – Claude Code pre‑startup trust bypass via Yarn 3.x plugins is raised for Claude Code prior to 1.0.39. The issue allowed code execution from a project directory by exploiting Yarn 3.0+ plugins before the startup trust dialog was accepted. Affected scenario required running Claude C...

9.8 CVSS | 7.1 AI score | 0.00441 EPSS
Exploits 0 | References 1 | Affected Software 1
Mageia
added 2025/11/15 7:11 a.m. | 5 views

Updated yelp & yelp-xsl packages fix security vulnerability

The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment. CVE-2025-3155...

7.4 CVSS | 7.7 AI score | 0.10598 EPSS
Exploits 1 | References 5
CNVD
added 2025/11/14 12:00 a.m. | 4 views

Microsoft Office Code Execution Vulnerability (CNVD-2026-00027)

Microsoft Office is an office software suite from the U.S. company Microsoft. The product's common components include Word, Excel, Access, PowerPoint, FrontPage, and so on. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to...

7.8 CVSS | 8.1 AI score | 0.0041 EPSS
Exploits 0 | References 1
Rosalinux
added 2025/11/09 1:37 p.m. | 6 views

Advisory ROSA-SA-2025-3050

Software: expat 2.2.5 OS: ROSA Virtualization 3.1 unaffected versions = expat-2.2.5-17.0.1.rv31 affected versions expat-2.2.5-17.0.1.rv31 CVE-ID: CVE-2019-15903 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libexpat XML file parsing library is related to incorrect restriction of xml...

9.8 CVSS | 8.8 AI score | 0.34174 EPSS
Exploits 5
EUVD
added 2025/11/08 12:31 a.m. | 6 views

EUVD-2020-30818

Various Ruijie Gateway EG and NBR models firmware versions 11.16B9P1 11.94B12P1 contain a code execution vulnerability in the EWEB management system that can be abused via front-end functionality. Attackers can exploit front-end code when features such as guest authentication, local server...

9.2 CVSS | 7.3 AI score | 0.00697 EPSS
Exploits 0 | References 5
CNNVD
added 2025/11/07 12:00 a.m. | 3 views

Ruijie EG Series and Ruijie NBR Series Security Vulnerability

Ruijie EG Series and Ruijie NBR Series are a series of next-generation security gateway products from China's Ruijie. A security vulnerability exists in the Ruijie EG Series and Ruijie NBR Series that originates from a code execution vulnerability in the EWEB management system that could result i...

9.2 CVSS | 7.5 AI score | 0.00697 EPSS
Exploits 0 | References 5
CVE
added 2025/11/05 5:01 p.m. | 16 views

CVE-2025-43990

Dell Command Monitor (DCM) prior to version 10.12.3.28 is affected by an Execution with Unnecessary Privileges vulnerability. A local, low-privilege attacker could potentially escalate privileges on impacted systems. The issue is documented across multiple sources (Dell/Dell Knowledge Base, Red H...

7.8 CVSS | 6.2 AI score | 0.00118 EPSS
Exploits 0 | References 1 | Affected Software 1
Snyk
added 2025/10/30 12:31 p.m. | 2 views

Execution with Unnecessary Privileges

Overview Affected versions of this package are vulnerable to Execution with Unnecessary Privileges via the /api/v2/dagReports endpoint. An attacker can execute arbitrary code in the context of the API server by submitting malicious DAG code through the API. Note: This is only exploitable if the A...

5.4 CVSS | 7.8 AI score | 0.00476 EPSS
Exploits 0 | References 2
RedhatCVE
added 2025/10/21 7:34 a.m. | 5 views

CVE-2025-61932

Lanscope Endpoint Manager On-Premises Client program MR and Detection agent DA improperly verifies the origin of incoming requests, allowing an attacker to execute arbitrary code by sending specially crafted packets...

9.8 CVSS | 7.8 AI score | 0.02689 EPSS
Exploits 0 | References 1
CNVD
added 2025/10/20 12:00 a.m. | 6 views

HCL AION code execution vulnerability (CNVD-2026-16411)

HCL AION is an AI lifecycle management platform from HCL India. HCL AION suffers from a code execution vulnerability that is caused due to a flaw in the content security policy. An attacker can exploit the vulnerability to execute arbitrary scripts inline...

8.2 CVSS | 6.5 AI score | 0.00214 EPSS
Exploits 0
CNVD
added 2025/10/17 12:00 a.m. | 3 views

Microsoft Excel Code Execution Vulnerability (CNVD-2025-24447)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

7.8 CVSS | 8.1 AI score | 0.00409 EPSS
Exploits 0 | References 1
CNVD
added 2025/10/17 12:00 a.m. | 6 views

Microsoft Office Visio Code Execution Vulnerability (CNVD-2026-00030)

Microsoft Office Visio is the application in the Microsoft Office suite, from the U.S. company Microsoft, used for drawing flowcharts and schematic diagrams. A code execution vulnerability exists in Microsoft Office Visio, which can be exploited by an attacker to execute arbitrary code on a system...

7.8 CVSS | 8.1 AI score | 0.00347 EPSS
Exploits 0 | References 1
NVD
added 2025/10/16 10:15 a.m. | 4 views

CVE-2025-55072

Stored cross-site scripting (XSS) vulnerability in desknet's NEO V2.0R1.0 to V9.0R2.0 allows execution of arbitrary JavaScript in a user’s web browser...

5.4 CVSS | 0.00257 EPSS
Exploits 0 | References 2