CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9810 matches found

Github Security Blog•added 2021/12/02 5:51 p.m.•41 views

OS Command injection in docker-cli-js

Withdrawn After reviewing this CVE, and this response from the maintainer, we have withdrawn this advisory. Original CVE description This affects all versions of package docker-cli-js. If the command parameter of the Docker.command method can at least be partially controlled by a user, they will ...

9.3CVSS4.8AI score0.01824EPSS

Exploits1References5Affected Software1

CNVD•added 2021/12/02 12:0 a.m.•16 views

Victure WR1200 OS Command Injection Vulnerability

The Victure WR1200 is a router. The Victure WR1200 1.0.3 and prior versions are vulnerable to OS command injection, which can be exploited by attackers to inject arbitrary shell commands using valid credentials...

9CVSS5.4AI score0.05404EPSS

Exploits3References1

OSV•added 2021/12/01 6:29 p.m.•14 views

GHSA-7RPC-9M88-CF9W OS Command Injection Vulnerability and Potential Zip Slip Vulnerability in baserCMS

There is an OS Command Injection Vulnerability on the management system of baserCMS. This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users. If you are eligible, please update to the new version as soon as possible. Target baserCMS...

9.1CVSS9.2AI score0.02174EPSS

Exploits0References4

Github Security Blog•added 2021/12/01 6:29 p.m.•25 views

OS Command Injection Vulnerability and Potential Zip Slip Vulnerability in baserCMS

9.1CVSS2.7AI score0.02174EPSS

Exploits0References4Affected Software1

OSV•added 2021/12/01 6:29 p.m.•15 views

GHSA-4X2F-54WR-4HJG Potential Zip Slip Vulnerability in baserCMS

There is a OS Command Injection Vulnerability on the management system of baserCMS. This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users. If you are eligible, please update to the new version as soon as possible. Target baserCMS...

7.7CVSS8.8AI score0.01565EPSS

Exploits0References4

Github Security Blog•added 2021/12/01 6:29 p.m.•25 views

Potential Zip Slip Vulnerability in baserCMS

9CVSS2.2AI score0.01565EPSS

Exploits0References4Affected Software1

NVD•added 2021/12/01 3:15 a.m.•12 views

CVE-2021-20859

ELECOM LAN routers WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior,...

8CVSS0.00545EPSS

Exploits0References2

NVD•added 2021/12/01 3:15 a.m.•10 views

CVE-2021-20864

Improper access control vulnerability in ELECOM routers WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior,...

8.8CVSS0.00502EPSS

Exploits0References2

NVD•added 2021/12/01 3:15 a.m.•10 views

CVE-2021-20863

OS command injection vulnerability in ELECOM routers WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior,...

8CVSS0.00862EPSS

Exploits0References2

NVD•added 2021/12/01 3:15 a.m.•10 views

CVE-2021-20852

Buffer overflow vulnerability in ELECOM LAN routers WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior allows a network-adjacent attacker with an administrator privilege to execute an arbitrary OS command via unspecified vectors...

6.8CVSS0.00454EPSS

Exploits0References2

Prion•added 2021/12/01 3:15 a.m.•13 views

Design/Logic Flaw

ELECOM LAN routers WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior allows a network-adjacent attacker with an administrator privilege to execute arbitrary OS commands via unspecified vectors...

5.2CVSS7.4AI score0.00422EPSS

Exploits0References2Affected Software2

Prion•added 2021/12/01 3:15 a.m.•13 views

Command injection

7.7CVSS8AI score0.00545EPSS

Exploits0References2Affected Software14

Prion•added 2021/12/01 3:15 a.m.•15 views

Command injection

7.7CVSS7.9AI score0.00862EPSS

Exploits0References2Affected Software14

Prion•added 2021/12/01 3:15 a.m.•14 views

Buffer overflow

5.2CVSS7.4AI score0.00454EPSS

Exploits0References2Affected Software2

Prion•added 2021/12/01 3:15 a.m.•11 views

Improper access control

8.3CVSS8.7AI score0.00502EPSS

Exploits0References2Affected Software14

CVE•added 2021/12/01 2:15 a.m.•42 views

CVE-2021-20864

CVE-2021-20864 affects ELECOM routers (e.g., WRC-1167GST2, WRC-2533GS2, WRC-1750GS, WRC-1900GST, EDWRC-2533GST2, among others) and is caused by improper access control. This allows a network-adjacent unauthenticated attacker to bypass access restrictions and start the telnet service to execute ar...

8.8CVSS8.7AI score0.00502EPSS

Exploits0References2Affected Software1

CVE•added 2021/12/01 2:15 a.m.•38 views

CVE-2021-20863

CVE-2021-20863 is an OS command injection vulnerability in ELECOM Edwrc/WRC routers. A network-adjacent, authenticated attacker can run arbitrary commands as root via unspecified vectors. Affected firmware ranges include WRC-1167GST2 (v1.25 and prior) and WRC-1167GST2A/H (v1.25 and prior); WRC-25...

8CVSS7.9AI score0.00862EPSS

Exploits0References2Affected Software1

CVE•added 2021/12/01 2:15 a.m.•43 views

CVE-2021-20859

ELECOM CVE-2021-20859 describes an OS command injection vulnerability affecting numerous ELECOM LAN routers, allowing a network-adjacent authenticated attacker to execute arbitrary OS commands via unspecified vectors. The affected models/firmware ranges include WRC-1167GST2, WRC-1167GST2A/H, WRC-...

8CVSS8AI score0.00545EPSS

Exploits0References2Affected Software1