CVE-2026-38945

Command injection in Raynet rvia version 12.6 Update 8 and previous versions allows adversaries to execute arbitrary code via a crafted path that matches the improperly terminated search criteria of rvia's Java search using the find command...

CVE-2026-38945

Command injection in Raynet rvia version 12.6 Update 8 and previous versions allows adversaries to execute arbitrary code via a crafted path that matches the improperly terminated search criteria of rvia's Java search using the find command...

CVE-2025-69600

Command injection in Raynet rvia 12.6.4392.49-amd64.deb allows adversaries to execute commands via getconfig, and upload through the URL argument, and oracle through the -o flag The Supplier's perspective is that this is caused by Argument Injection in the find command query in rvia 12.6.4392.49...

RayVentory Scan Engine 安全漏洞

RayVentory Scan Engine is a network scanning engine developed by the German company RayVentory, designed for automatically discovering and collecting IT asset information. Versions of RayVentory Scan Engine 12.6 Update 8 and earlier contained security vulnerabilities. These vulnerabilities stemme...

CVE-2026-38945

Raynet rvia 12.6 Update 8 and earlier versions are affected by a command injection due to improper termination of search criteria in Java-based search using the find command. This allows an adversary with local access to execute arbitrary code via a crafted path. The CVSS base score is 7.8 (HIGH)...

CVE-2026-38945

Command injection in Raynet rvia version 12.6 Update 8 and previous versions allows adversaries to execute arbitrary code via a crafted path that matches the improperly terminated search criteria of rvia's Java search using the find command...

EUVD-2005-3961

Malware in sbrugna...

CVE-2025-3245

A vulnerability was found in itsourcecode Library Management System 1.0. It has been rated as critical. Affected by this issue is the function Search of the file librarymanagement/src/LibraryManagement/Forgot.java. The manipulation of the argument txtuname leads to sql injection. The attack may b...

Oracle Java File Detection for Windows (deprecated)

The host contains one or more java executables. This plugin has been deprecated. unmanagedsoftwarewindows.nbin plugin ID 921433 is used instead. Binary data sunjavasearch.nbin...

CVE-2005-3966

Cross-site scripting XSS vulnerability in search.jsp in Java Search Engine JSE 0.9.34 allows remote attackers to inject arbitrary web script or HTML via the q parameter...

CVE-2005-3966

Cross-site scripting XSS vulnerability in search.jsp in Java Search Engine JSE 0.9.34 allows remote attackers to inject arbitrary web script or HTML via the q parameter...

CVE-2005-3966

CVE-2005-3966 concerns Cross-site Scripting (XSS) in Java Search Engine (JSE) 0.9.34. The vulnerability is triggered via the q parameter in search.jsp, allowing remote attackers to inject arbitrary web script or HTML. The NVD/CVE details show a MEDIUM severity (CVSS v2 base score 4.3) with networ...

JSE XSS vuln.

JSE XSS vuln. Vuln. dicovered by : r0t Date: 2 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/jse-xss-vuln.html Vendor:http://www.me.lv/jse/index.html affected version:0.9.34 Product Description: Java Search Engine is a server-side search engine program for web sites. Search engin...

Java Search Engine 0.9.34 - search.jsp Cross-Site Scripting

Java Search Engine 0.9.34 - search.jsp Cross-Site Scripting source: https://www.securityfocus.com/bid/15687/info Java Search Engine is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverag...

Java Search Engine 0.9.34 - search.jsp Cross-Site Scripting

source: https://www.securityfocus.com/bid/15687/info Java Search Engine is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...