9813 matches found

NVD
added 2022/03/30 11:15 p.m., 17 views

CVE-2021-46007

totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the "ping" command, and the input field does not adequately filter special symbols. This can lead to command injection attacks...

10 CVSS, 0.03632 EPSS
Exploits 1, References 3

Cvelist
added 2022/03/30 10:12 p.m., 22 views

CVE-2021-46007

totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the "ping" command, and the input field does not adequately filter special symbols. This can lead to command injection attacks...

10 AI score, 0.03632 EPSS
Exploits 1, References 3

CVE
added 2022/03/30 10:12 p.m., 86 views

CVE-2021-46007

CVE-2021-46007 affects TotoLink A3100R, specifically version V5.9c.4577. The vulnerability is an operating system command injection in which an input field does not properly filter special symbols, allowing the backend to execute the ping command. Reported in multiple sources (NVD entry for CVE-2...

10 CVSS, 9.8 AI score, 0.03632 EPSS
Exploits 1, References 3, Affected Software 1

GithubExploit
added 2022/03/29 9:2 p.m., 28 views

Exploit for OS Command Injection in Postgresql

CVE-2019–9193 - PostgreSQL 9.3-12.3 Authenticated Remote Code...

9 CVSS, 7.4 AI score, 0.91877 EPSS
Exploits 17

RedHat Linux
added 2022/03/29 7:5 a.m., 4 views

workflow-cps: OS command execution through crafted SCM contents

A flaw was found in Jenkins. The Pipeline: Groovy Plugin uses the same checkout directories for distinct SCMs when reading the script file typically Jenkinsfile for Pipelines. This flaw allows attackers with item/configure permission to invoke arbitrary OS commands on the controller through craft...

8.8 CVSS, 5.9 AI score, 0.01422 EPSS
Exploits 0, References 4

Tenable Nessus
added 2022/03/29 12:0 a.m., 63 views

RHEL 8 : OpenShift Container Platform 4.10.6 (RHSA-2022:1025)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:1025 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

8.8 CVSS, 6.8 AI score, 0.01758 EPSS
Exploits 0, References 26

Tenable Nessus
added 2022/03/29 12:0 a.m., 54 views

RHEL 8 : OpenShift Container Platform 4.9.26 (RHSA-2022:1021)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1021 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

8.8 CVSS, 6.8 AI score, 0.1619 EPSS
Exploits 0, References 28

Cvelist
added 2022/03/28 4:25 p.m., 29 views

CVE-2021-22795

A CWE-78 Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert V7.8.1 and prior...

9.1 CVSS, 10 AI score, 0.03083 EPSS
Exploits 0, References 1

CVE
added 2022/03/28 4:25 p.m., 62 views

CVE-2021-22795

The CVE-2021-22795 entry affects Schneider Electric StruxureWare Data Center Expert (versions 7.8.1 and earlier) and is an OS Command Injection (CWE-78) vulnerability that could allow remote code execution over the network. Some sources indicate authentication may be required to exploit, while CV...

9.8 CVSS, 9.8 AI score, 0.03083 EPSS
Exploits 0, References 1, Affected Software 1

CISA KEV Catalog
added 2022/03/25 12:0 a.m., 12 views

D-Link DCS-930L Devices OS Command Injection Vulnerability

setSystemCommand on D-Link DCS-930L devices allows a remote attacker to execute code via an OS command...

9 CVSS, 6.6 AI score, 0.68525 EPSS
In wild, Exploits 1

CISA KEV Catalog
added 2022/03/25 12:0 a.m., 16 views

Apache Kylin OS Command Injection Vulnerability

Apache Kylin contains an OS command injection vulnerability which could permit an attacker to perform remote code execution...

9 CVSS, 3.4 AI score, 0.9796 EPSS
In wild, Exploits 2

ATTACKERKB
added 2022/03/24 3:15 a.m., 2 views

CVE-2022-27811

GNOME OCRFeeder before 0.8.4 allows OS command injection via shell metacharacters in a PDF or image filename...

9.8 CVSS, 7.2 AI score, 0.03008 EPSS
Exploits 1, References 4

Prion
added 2022/03/24 3:15 a.m., 16 views

Command injection

GNOME OCRFeeder before 0.8.4 allows OS command injection via shell metacharacters in a PDF or image filename...

7.5 CVSS, 9.8 AI score, 0.03008 EPSS
Exploits 1, References 3, Affected Software 1

Cvelist
added 2022/03/24 12:0 a.m., 19 views

CVE-2022-27811

GNOME OCRFeeder before 0.8.4 allows OS command injection via shell metacharacters in a PDF or image filename...

10 AI score, 0.03008 EPSS
Exploits 1, References 3

Debian CVE
added 2022/03/24 12:0 a.m., 64 views

CVE-2022-27811

GNOME OCRFeeder before 0.8.4 allows OS command injection via shell metacharacters in a PDF or image filename...

9.8 CVSS, 9.8 AI score, 0.03008 EPSS
Exploits 1

NVD
added 2022/03/23 8:15 p.m., 31 views

CVE-2022-22951

VMware Carbon Black App Control 8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2 contains an OS command injection vulnerability. An authenticated, high privileged malicious actor with network access to the VMware App Control administration interface may b...

9.1 CVSS, 0.21926 EPSS
Exploits 0, References 1

NVD
added 2022/03/23 8:15 p.m., 19 views

CVE-2021-27476

A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier...

10 CVSS, 0.04271 EPSS
Exploits 0, References 2

OSV
added 2022/03/23 8:15 p.m., 4 views

CVE-2021-27476

A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier...

9.8 CVSS, 6 AI score, 0.04271 EPSS
Exploits 0, References 2

Prion
added 2022/03/23 8:15 p.m., 17 views

Command injection

A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier...

7.5 CVSS, 9.9 AI score, 0.04271 EPSS
Exploits 0, References 2, Affected Software 1

CVE
added 2022/03/23 7:46 p.m., 128 views

CVE-2022-22951

CVE-2022-22951 affects VMware Carbon Black App Control (versions 8.5.x prior to 8.5.14; 8.6.x prior to 8.6.6; 8.7.x prior to 8.7.4; 8.8.x prior to 8.8.2). The vulnerability is an OS command injection caused by improper input validation that could allow an authenticated, highly privileged attacker...

9.1 CVSS, 9.6 AI score, 0.21926 EPSS
Exploits 0, References 1, Affected Software 1