Lucene search
K

9848 matches found

NVD
NVD
added 3 days ago7 views

CVE-2026-53478

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command 'OS...

7.2CVSS0.01216EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago8 views

EUVD-2026-41553

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command 'OS...

6.7CVSS6AI score0.00492EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-49814

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Improper Neutralization of Special Elements used in an OS Command 'OS...

7.2CVSS0.01216EPSS
Exploits0References1
CVE
CVE
added 3 days ago18 views

CVE-2026-49814

CVE-2026-49814 affects Dell PowerProtect Data Domain, including versions 7.7.1.0–8.7 and several LTS releases (8.6.1.0–8.6.1.10, 8.3.1.0–8.3.1.30, 7.13.1.0–7.13.1.70). The vulnerability is an OS Command Injection due to improper neutralization of special elements, allowing a high-privilege, remot...

7.2CVSS6.1AI score0.01216EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-41549

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special Elements used in an OS command 'OS...

7.2CVSS6.2AI score0.01096EPSS
Exploits0References1
CVE
CVE
added 3 days ago17 views

CVE-2026-53478

Summary: CVE-2026-53478 affects Dell PowerProtect Data Domain (versions 7.7.1.0–8.7; LTS2026: 8.6.1.0–8.6.1.10; LTS2025: 8.3.1.0–8.3.1.30; LTS2024: 7.13.1.0–7.13.1.70) and is caused by improper neutralization of special elements used in an OS command (OS command injection). A high-privilege attac...

7.2CVSS6AI score0.01216EPSS
Exploits0References1
Nuclei
Nuclei
added 3 days ago80 views

MajorDoMo thumb.php - OS Command Injection

MajorDoMo aka Major Domestic Module before 0662e5e allows command execution via thumb.php shell metacharacters. NOTE: this is unrelated to the Majordomo mailing-list manager. id: CVE-2023-50917 info: name: MajorDoMo thumb.php - OS Command Injection author: DhiyaneshDK severity: critical...

9.8CVSS7.3AI score0.38263EPSS
Exploits6References5
NVD
NVD
added 3 days ago4 views

CVE-2026-54483

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command 'OS...

6.7CVSS0.00482EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago8 views

EUVD-2026-41537

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special Elements used in an OS command 'OS...

6.5CVSS6AI score0.01052EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago8 views

EUVD-2026-41536

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command 'OS...

6.7CVSS6AI score0.00482EPSS
Exploits0References1
CVE
CVE
added 3 days ago11 views

CVE-2026-54483

CVE-2026-54483 affects Dell PowerProtect Data Domain: versions 7.7.1.0–8.6, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, and LTS2024 7.13.1.0–7.13.1.70. The vulnerability is described as OS command injection caused by improper neutralization of special elements in certain OS commands. A hi...

6.7CVSS6AI score0.00482EPSS
Exploits0References1
Nuclei
Nuclei
added 4 days ago10 views

D-Link DIR820LA1_FW105B03 'ping_addr' - OS Command Injection

OS Command injection vulnerability in D-Link DIR820LA1FW105B03 allows attackers to escalate privileges to root via a crafted payload with the pingaddr parameter to ping.ccp. id: CVE-2023-25280 info: name: D-Link DIR820LA1FW105B03 'pingaddr' - OS Command Injection author: pussycat0x severity:...

9.8CVSS6.9AI score0.98053EPSS
Exploits1References2
EUVD
EUVD
added 4 days ago4 views

EUVD-2026-41262

The WP Database Backup – Unlimited Database & Files Backup by Backup for WP plugin for WordPress is vulnerable to OS Command Injection in all versions up to and including 7.11 via the wpdbexcludetable parameter. This is due to the direct concatenation of user-supplied $POST'wpdbexcludetable' valu...

7.2CVSS6.3AI score0.01588EPSS
Exploits0References8
CVE
CVE
added 5 days ago11 views

CVE-2026-58457

CVE-2026-58457 affects Shenzhen Aitemi M300 MT02 (Wi‑Fi Repeater). An unauthenticated OS command injection exists in the commuos web backend via the smacfilter_conf handler. Attackers can append semicolon-delimited payloads to the name, enable, or mac GET parameters, which are unsanitized and pas...

9.8CVSS6.1AI score0.01671EPSS
Exploits0References3
NVD
NVD
added 5 days ago6 views

CVE-2026-58452

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain an OS command injection vulnerability that allows authenticated attackers to achieve remote code execution by supplying a malicious Wireless parameter to the HTTP PUT NetSDK/Factory SetMAC endpoint. Attackers can craft a...

8.8CVSS0.02422EPSS
Exploits0References3
Cvelist
Cvelist
added 5 days ago35 views

CVE-2026-34114 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in translate_text.php

Guardian language-system passes the id GET parameter directly into a PHP exec call in translatetext.php line 18 without sanitization: exec"php jobs/translatetext.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS0.00537EPSS
Exploits0References2
CVE
CVE
added 5 days ago10 views

CVE-2026-34114

Guardian language-system is affected by an unauthenticated OS command injection in translate_text.php. The code passes the id GET parameter directly into a PHP exec() call without sanitization, allowing an attacker to append shell metacharacters and execute arbitrary commands on the server. No au...

9.8CVSS6.1AI score0.00537EPSS
Exploits0References2
CVE
CVE
added 5 days ago11 views

CVE-2026-34106

Guardian Language-System is affected by an unauthenticated OS command injection in subtitles.php. The id GET parameter is directly concatenated into a PHP exec() call without sanitization, enabling remote attackers to inject shell metacharacters and execute arbitrary commands on the server. The v...

9.8CVSS6.1AI score0.0068EPSS
Exploits0References2
Cvelist
Cvelist
added 5 days ago29 views

CVE-2026-58452 JAIOTlink C492A-W6 4.8.30.57701411 OS Command Injection via SetMAC Endpoint

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain an OS command injection vulnerability that allows authenticated attackers to achieve remote code execution by supplying a malicious Wireless parameter to the HTTP PUT NetSDK/Factory SetMAC endpoint. Attackers can craft a...

8.8CVSS0.02422EPSS
Exploits0References3
CVE
CVE
added 5 days ago12 views

CVE-2026-58452

The CVE covers JAIOTlink C492A-W6 Wi‑Fi IP cameras running firmware 4.8.30.57701411. Affected component is the NetSDK/Factory SetMAC HTTP PUT endpoint. The root cause is an OS command injection where a malicious Wireless parameter (starting with a MAC-like prefix, then a semicolon and a shell pay...

8.8CVSS6.4AI score0.02422EPSS
Exploits0References3
Rows per page
Query Builder