Lucene search
K

47 matches found

NVD
NVD
added 2026/06/08 5:16 a.m.16 views

CVE-2026-11487

A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...

5.3CVSS0.00923EPSS
Exploits0References8
OSV
OSV
added 2026/06/08 4:15 a.m.5 views

CVE-2026-11487 Neovim View Branch secure.lua M.read command injection

A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...

4.8CVSS5.5AI score0.00923EPSS
Exploits0References10
Microsoft CVE
Microsoft CVE
added 2026/04/14 2:0 p.m.10 views

Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability

Time-of-check time-of-use toctou race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally...

7CVSS6.2AI score0.00186EPSS
Exploits0
EUVD
EUVD
added 2026/04/02 3:31 p.m.6 views

EUVD-2026-18340

A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function actionsetsystemsettings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. The...

5.8CVSS5.6AI score0.04353EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.9 views

Tenda G103 命令注入漏洞

The Tenda G103 is a GPON fiber access device designed specifically for home and SOHO users by the Chinese company Tenda. Version 1.0.0.5 of the Tenda G103 contains a command injection vulnerability. This vulnerability stems from improper handling of parameters such as...

8.8CVSS5.8AI score0.05698EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2026/03/22 12:0 a.m.13 views

PT-2026-26968

A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function action ipsec conn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly...

5.8CVSS5.6AI score0.10296EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/12/12 1:6 a.m.5 views

CVE-2025-56083

OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrnetworkIdmerge.lua...

8.8CVSS7.9AI score0.01815EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/12 1:6 a.m.8 views

CVE-2025-56117

OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...

8.8CVSS7.9AI score0.02769EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/12 1:6 a.m.3 views

CVE-2025-56093

OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the setWisp in file /usr/lib/lua/luci/modules/wireless.lua...

8.8CVSS7.9AI score0.02861EPSS
Exploits1References1
NVD
NVD
added 2025/12/11 7:15 p.m.8 views

CVE-2025-56130

OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH3.01B11P230 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleupdate in file /usr/local/lua/devconfig/acesw.lua...

8.8CVSS0.01879EPSS
Exploits1References2
NVD
NVD
added 2025/12/11 7:15 p.m.68 views

CVE-2025-56129

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actiondiagnosis in file /usr/lib/lua/luci/controller/admin/diagnosis.lua...

8.8CVSS0.02398EPSS
Exploits1References3
OSV
OSV
added 2025/12/11 7:15 p.m.4 views

CVE-2025-56124

OS Command Injection vulnerability in Ruijie X60 PRO X6010212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...

7.8CVSS6AI score0.01179EPSS
Exploits1References3
CVE
CVE
added 2025/12/11 12:0 a.m.19 views

CVE-2025-56082

The CVE-2025-56082 entry describes an OS Command Injection in Ruijie RG-BCR600W. Affected component: the LUCI admin controller at /usr/lib/lua/luci/controller/admin/common.lua. Root cause: unvalidated input in the check_changes function allows arbitrary command execution via a crafted POST reques...

8.8CVSS7.5AI score0.02157EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/12/11 12:0 a.m.5 views

EUVD-2025-202751

OS Command Injection vulnerability in Ruijie RG-RAP2200E 247 2200 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...

7.3AI score0.02578EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.5 views

PT-2025-50662

Name of the Vulnerable Software and Affected Versions Ruijie X30 PRO V1 X30-PRO-V1 09241521 Description An issue exists in Ruijie X30 PRO V1 X30-PRO-V1 09241521 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the module get function within t...

8.8CVSS7AI score0.02729EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.7 views

PT-2025-50664

Name of the Vulnerable Software and Affected Versions Ruijie X30-PRO versions X30-PRO-V1 09241521 Description An OS Command Injection issue exists in Ruijie X30-PRO version X30-PRO-V1 09241521. Attackers can execute arbitrary commands by sending a specially crafted POST request to the module get...

8.8CVSS8.1AI score0.03067EPSS
Exploits1References5
EUVD
EUVD
added 2025/12/11 12:0 a.m.6 views

EUVD-2025-202742

OS Command Injection vulnerability in Ruijie M18 EW3.01B11P226M1810223116 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...

7.3AI score0.02578EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/11 12:0 a.m.4 views

CVE-2025-56084

OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226EW1800GX-PRO10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...

7.5AI score0.01922EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.6 views

PT-2025-50650

Name of the Vulnerable Software and Affected Versions Ruijie RG-RAP2200E version 247 2200 Description An issue exists in Ruijie RG-RAP2200E 247 2200 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the module set in the /usr/local/lua/dev...

8.8CVSS7.1AI score0.02578EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.7 views

PT-2025-50653

Name of the Vulnerable Software and Affected Versions Ruijie X30-PRO version X30-PRO-V1 09241521 Description An OS Command Injection issue exists in Ruijie X30-PRO version X30-PRO-V1 09241521. Attackers can execute arbitrary commands by sending a specially crafted POST request to the module set...

8.8CVSS7.6AI score0.01815EPSS
Exploits0References6
Rows per page
Query Builder