Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9810 matches found

CVE
CVEadded 2021/08/16 10:0 p.m.88 views

CVE-2021-21595

Dell EMC PowerScale OneFS (versions 8.2.x–9.1.1.x) contains an elevation-of-privileges flaw caused by improper neutralization of special elements in an OS command. The vulnerability could allow the compadmin user to gain higher privileges, and is reported to impact Smartlock WORM compliance mode ...

6.7CVSS6.4AI score0.00241EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2021/08/16 8:15 a.m.11 views

CVE-2021-23422

This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing Inline Tag Command metadata is processed. When an arbitrary OS command is executed, the command output would be included in the HTML output...

7.8CVSS7.8AI score
Exploits0References2
UbuntuCve
UbuntuCveadded 2021/08/16 8:15 a.m.345 views

CVE-2021-23422

This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing Inline Tag Command metadata is processed. When an arbitrary OS command is executed, the command output would be included in the HTML output...

7.8CVSS7.2AI score0.00789EPSS
Exploits0References3
Prion
Prionadded 2021/08/16 8:15 a.m.10 views

Design/Logic Flaw

This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing Inline Tag Command metadata is processed. When an arbitrary OS command is executed, the command output would be included in the HTML output...

6.8CVSS7.8AI score0.00789EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2021/08/16 8:15 a.m.39 views

PYSEC-2021-116

This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing Inline Tag Command metadata is processed. When an arbitrary OS command is executed, the command output would be included in the HTML output...

7.8CVSS2.2AI score0.00789EPSS
Exploits0References3
CVE
CVEadded 2021/08/16 8:0 a.m.72 views

CVE-2021-23422

The CVE-2021-23422 issue affects the bikeshed pre-3.0.0 preprocessor. Affected component/file: Bikeshed processing of an untrusted source file containing Inline Tag Command metadata can trigger OS command execution, with the resulting command output embedded in the HTML output. This indicates a r...

7.8CVSS7.7AI score0.00789EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2021/08/16 8:0 a.m.12 views

CVE-2021-23422 Arbitrary Code Injection

This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing Inline Tag Command metadata is processed. When an arbitrary OS command is executed, the command output would be included in the HTML output...

7.8CVSS8AI score0.00789EPSS
Exploits0References2
NVD
NVDadded 2021/08/16 5:15 a.m.16 views

CVE-2021-3708

D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to OS command injection. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3707, to execute any OS commands on the vulnerable device...

7.8CVSS0.24563EPSS
Exploits2References3
CVE
CVEadded 2021/08/16 4:55 a.m.122 views

CVE-2021-3708

CVE-2021-3708 affects the D-Link DSL-2750U router (firmware ME1.16 and earlier). The vulnerability is an OS command injection that an unauthenticated, local-network attacker can trigger to execute arbitrary commands. Remediation: upgrade to firmware vME_1.22 (as indicated by JVN/CNVD references)....

7.8CVSS6.5AI score0.24563EPSS
In wildExploits2References3Affected Software1
Cvelist
Cvelistadded 2021/08/16 4:55 a.m.22 views

CVE-2021-3708

D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to OS command injection. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3707, to execute any OS commands on the vulnerable device...

6.9AI score0.24563EPSS
Exploits2References3
CVE
CVEadded 2021/08/16 4:55 a.m.129 views

CVE-2021-3707

CVE-2021-3707 (and CVE-2021-3708) affects D-Link DSL-2750U routers with firmware vME1.16 or earlier. The issues allow an unauthenticated attacker on the local network to perform dangerous actions: CVE-2021-3707 enables unauthorized configuration modification, while CVE-2021-3708 enables OS comman...

5.5CVSS6.4AI score0.01541EPSS
Exploits2References3Affected Software1
NVD
NVDadded 2021/08/13 4:15 p.m.20 views

CVE-2021-36380

Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via shell metacharacters in ipAddr or dnsAddr /cgi/networkDiag.cgi...

10CVSS0.97599EPSS
Exploits1References3
CVE
CVEadded 2021/08/13 3:53 p.m.213 views

CVE-2021-36380

Sunhillo SureLine

10CVSS9.7AI score0.97599EPSS
In wildExploits1References3Affected Software1
Cvelist
Cvelistadded 2021/08/13 3:53 p.m.29 views

CVE-2021-36380

Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via shell metacharacters in ipAddr or dnsAddr /cgi/networkDiag.cgi...

10AI score0.97599EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2021/08/13 3:53 p.m.24 views

CVE-2021-36380

Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via shell metacharacters in ipAddr or dnsAddr /cgi/networkDiag.cgi...

7.5AI score0.97599EPSS
Exploits1References2
NVD
NVDadded 2021/08/13 12:15 p.m.26 views

CVE-2021-37346

Nagios XI WatchGuard Wizard before version 1.4.8 is vulnerable to remote code execution through Improper neutralisation of special elements used in an OS Command OS Command injection...

9.8CVSS0.73586EPSS
Exploits0References1
Prion
Prionadded 2021/08/13 12:15 p.m.25 views

Command injection

Nagios XI WatchGuard Wizard before version 1.4.8 is vulnerable to remote code execution through Improper neutralisation of special elements used in an OS Command OS Command injection...

7.5CVSS9.7AI score0.73586EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2021/08/13 12:15 p.m.24 views

Command injection

Nagios XI Switch Wizard before version 2.5.7 is vulnerable to remote code execution through improper neutralisation of special elements used in an OS Command OS Command injection...

7.5CVSS9.7AI score0.96772EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2021/08/13 11:32 a.m.22 views

CVE-2021-37344

Nagios XI Switch Wizard before version 2.5.7 is vulnerable to remote code execution through improper neutralisation of special elements used in an OS Command OS Command injection...

10AI score0.96772EPSS
Exploits0References1
CVE
CVEadded 2021/08/13 11:32 a.m.107 views

CVE-2021-37344

CVE-2021-37344 affects Nagios XI Switch Wizard prior to version 2.5.7, with remote code execution via OS command injection caused by improper neutralization of special elements in OS commands. Affected product: Nagios XI Switch Wizard (Nagios XI platform). Root cause: improper filtering of specia...

9.8CVSS9.8AI score0.96772EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder