4202 matches found
CVE-2025-30076
Koha vulnerability CVE-2025-30076: affects Koha prior to 24.11.02, where admins can execute arbitrary commands via shell metacharacters in the tools/scheduler.pl report parameter. Root cause is unvalidated shell input allowing command execution. Impact is authenticated admin access leading to pot...
CVE-2025-26260
Plenti = 0.7.16 is vulnerable to code execution. Users uploading '.svelte' files with the /postLocal endpoint can define the file name as JavaScript code. The server executes the uploaded file name on the host, causing code execution...
CVE-2024-54018
Multiple improper neutralization of special elements used in an OS command (CWE-78) vulnerabilities in FortiSandbox before 4.4.5 allow a privileged attacker to execute unauthorized commands via crafted requests...
Qiskit allows arbitrary code execution decoding QPY format versions < 13
Impact: A maliciously crafted QPY file can potentially execute arbitrary code embedded in the payload without privilege escalation when deserializing QPY formats < 13. A Python process calling Qiskit's qiskit.qpy.load function could potentially execute any arbitrary Python code embedded in the corre...
Adobe Substance 3D Designer Out-of-Bounds Write Vulnerability (CNVD-2025-05200)
Adobe Substance 3D Designer is a 3D design software from the American company Adobe. An out-of-bounds write vulnerability exists in Adobe Substance 3D Designer 14.1 and earlier versions, which can be exploited by an attacker to execute arbitrary code in the context of the current user...
CVE-2025-2020
Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...
CVE-2025-2016
Ashlar-Vellum Cobalt VC6 File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visi...
CVE-2025-24439
Substance3D - Sampler versions 4.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-26645
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network...
CVE-2025-22368
The authenticated SCU firmware command of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS commands are improperly neutralized when certain fields are passed to the underlying OS...
Command Execution Vulnerability in the Management Panel of Car Park Server of Xiamen KTO Communication Technology Co.
Xiamen KTO Communication Technology Co., Ltd. is a professional smart parking solution provider that has focused on the smart parking industry for many years. A command execution vulnerability exists in the management panel of the car park server of Xiamen KTO Communication Technology Co., Ltd., which can...
CVE-2025-29903
In JetBrains Runtime before 21.0.6b872.80 arbitrary dynamic library execution due to insecure macOS flags was possible...
Improper Verification Of Cryptographic Signature
dotnet-debugger-extensions, dotnet-dump and dotnet-sos are vulnerable to Improper Verification of Cryptographic Signature. The vulnerability is due to insufficient validation mechanisms, allowing an authorized attacker to execute code over a network...
CVE-2025-26260
Summary: CVE-2025-26260 affects Plenti
Google Chrome Code Execution Vulnerability (CNVD-2025-05085)
Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome prior to version 134.0.6998.88, which stems from type confusion in V8 and can be exploited by an attacker to execute arbitrary code on a system...
CVE-2025-2023 Ashlar-Vellum Cobalt LI File Parsing Integer Overflow Remote Code Execution Vulnerability
Ashlar-Vellum Cobalt LI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must vis...
CVE-2025-26645 Remote Desktop Client Remote Code Execution Vulnerability
...
CVE-2025-26629 Microsoft Office Remote Code Execution Vulnerability
...
CVE-2025-24084 Windows Subsystem for Linux (WSL2) Kernel Remote Code Execution Vulnerability
...
CVE-2025-24079 Microsoft Word Remote Code Execution Vulnerability
...