Lucene search
K

459 matches found

Vulnrichment
Vulnrichment
added 2025/10/30 1:57 p.m.3 views

CVE-2025-43941

Dell Unity, versions 5.5 and Prior, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary command with root privileges. This...

7.2CVSS6.7AI score0.00719EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/22 1:12 a.m.6 views

CVE-2025-6541

An arbitrary OS command may be executed on the product by the user who can log in to the web management interface...

8.8CVSS7.1AI score0.0064EPSS
Exploits0References1
OSV
OSV
added 2025/10/21 1:15 a.m.3 views

CVE-2025-6542

An arbitrary OS command may be executed on the product by a remote unauthenticated attacker...

9.8CVSS5.9AI score0.00925EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/21 12:28 a.m.4 views

CVE-2025-7850 Authenticated OS command execution

A command injection vulnerability may be exploited after the admin's authentication on the web portal on Omada gateways...

9.3CVSS7.4AI score0.02171EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/21 12:23 a.m.5 views

EUVD-2025-35117

An arbitrary OS command may be executed on the product by a remote unauthenticated attacker...

9.3CVSS6.8AI score0.00925EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/10/21 12:21 a.m.16 views

CVE-2025-6541 OS command injection using information obtained from the web management interface

An arbitrary OS command may be executed on the product by the user who can log in to the web management interface...

8.6CVSS0.0064EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/10/15 7:24 a.m.12 views

CVE-2025-61941

A path traversal issue exists in WXR9300BE6P series firmware versions prior to Ver.1.10. Arbitrary file may be altered by an administrative user who logs in to the affected product. Moreover, arbitrary OS command may be executed via some file alteration...

8.6CVSS0.00474EPSS
Exploits0References2
NVD
NVD
added 2025/10/14 3:16 p.m.5 views

CVE-2025-10243

OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

7.2CVSS0.21105EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 2:14 p.m.12 views

CVE-2025-10242

CVE-2025-10242 affects Ivanti Endpoint Manager Mobile (EPMM) via an OS command injection vulnerability in the admin panel. The issue allows a remote authenticated attacker with admin privileges to achieve remote code execution. Affected versions are Ivanti EPMM before 12.6.0.2, 12.5.0.x before 12...

7.2CVSS7.9AI score0.21105EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.8 views

PT-2025-41927

Name of the Vulnerable Software and Affected Versions Ivanti EPMM versions prior to 12.6.0.2 Ivanti EPMM versions prior to 12.5.0.4 Ivanti EPMM versions prior to 12.4.0.4 Description A flaw exists in the admin panel of Ivanti EPMM that allows a remote authenticated attacker with admin privileges ...

7.2CVSS7.8AI score0.21105EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/10/13 12:0 a.m.9 views

PT-2025-41757

Name of the Vulnerable Software and Affected Versions Ericsson RAN Compute and Site Controller affected versions not specified Description The software contains a high severity issue where improper neutralization of special elements used in an OS command could be exploited, potentially leading to...

8.4CVSS6.5AI score0.00266EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/10/08 6:32 p.m.11 views

CVE-2025-11490 wonderwhy-er DesktopCommanderMCP Absolute Path command-manager.ts extractBaseCommand os command injection

A vulnerability has been found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The affected element is the function extractBaseCommand of the file src/command-manager.ts of the component Absolute Path Handler. Such manipulation leads to os command injection. The attack may be performed from...

6.5CVSS0.03591EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/10/07 6:2 p.m.4 views

CVE-2025-43906

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralizatio...

6.7CVSS6.6AI score0.0062EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-1487

Malware in sbrugna...

10CVSS9.5AI score0.02538EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-29851

Malware in sbrugna...

10CVSS9.2AI score0.0209EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: xterm (UTSA-2025-680592)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680592 advisory. xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi...

9.8CVSS8.6AI score0.04949EPSS
Exploits1References4
OSV
OSV
added 2025/10/06 5:16 p.m.8 views

CVE-2025-60957

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information...

9.9CVSS6AI score0.01617EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/06 12:0 a.m.2 views

CVE-2025-60965

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts...

7.5AI score0.01662EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/06 12:0 a.m.2 views

CVE-2025-60962

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server GPS F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information, and possibly other unspecified impacts...

7AI score0.01022EPSS
Exploits0References3
CVE
CVE
added 2025/10/06 12:0 a.m.14 views

CVE-2025-60957

The CVE-2025-60957 entry concerns EndRun Technologies Sonoma D12 Network Time Server (GPS) firmware 4.00 on hardware/version 6010-0071-000. The vulnerability is an OS Command Injection in the router’s OS, enabling an unauthenticated or remote attacker to potentially execute arbitrary code, cause ...

9.9CVSS7.5AI score0.01617EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder