Lucene search
+L

28 matches found

cve
cve
added yesterday4 views

CVE-2026-14371

The vulnerability CVE-2026-14371 affects Lenovo XClarity Integrator for Windows Admin Center plugin (WAC Gateway) version 5.1.1 and earlier. The issue is a Powershell Command Injection when establishing remote PowerShell commands, with a CVSS v4.0 base score of 8.8 (HIGH) and impact across confid...

8.8CVSS6.1AI score
Exploits0References1
attackerkb
attackerkb
added yesterday4 views

CVE-2026-14371

The Lenovo XClarity Integrator for Windows Admin Center plugin version 5.1.1 and below running on the WAC Gateway is vulnerable to Powershell Command Injection when establishing remote PowerShell commands...

8.8CVSS6.1AI score
Exploits0References2Affected Software1
osv
osv
added 2026/06/25 10:34 p.m.4 views

GO-2026-5421 PowerShell Command Injection in Podman HyperV Machine in github.com/containers/podman

PowerShell Command Injection in Podman HyperV Machine in github.com/containers/podman...

8.8CVSS5.8AI score0.00607EPSS
Exploits0References3
susecve
susecve
added 2026/05/08 2:22 a.m.11 views

SUSE CVE-2026-33414

Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...

7.8CVSS6.1AI score0.00607EPSS
Exploits0References2
nessus
nessus
added 2026/04/16 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-33414

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in...

8.8CVSS6.1AI score0.00607EPSS
Exploits0References3
osv
osv
added 2026/04/14 11:16 p.m.5 views

DEBIAN-CVE-2026-33414

Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...

7.8CVSS6AI score0.00607EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2026/04/14 11:16 p.m.9 views

CVE-2026-33414

Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...

8.8CVSS6AI score0.00607EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/04/14 10:42 p.m.5 views

CVE-2026-33414 PowerShell Command Injection in Podman HyperV Machine

Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...

7.1CVSS6.1AI score0.00607EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/04/14 10:42 p.m.4 views

CVE-2026-33414

Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...

7.1CVSS6.1AI score0.00607EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/04/14 10:42 p.m.27 views

CVE-2026-33414 PowerShell Command Injection in Podman HyperV Machine

Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...

7.1CVSS0.00607EPSS
Exploits0References2
osv
osv
added 2026/04/14 10:30 p.m.6 views

GHSA-HC8W-H2MF-HP59 PowerShell Command Injection in Podman HyperV Machine

Summary A command injection vulnerability exists in Podman's HyperV machine backend. The VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $ subexpression injection. Affected Code File: pkg/machine/hyperv/stubber.go:647 go resize :=...

7.8CVSS6.1AI score0.00607EPSS
Exploits0References4
github
github
added 2026/04/14 10:30 p.m.10 views

PowerShell Command Injection in Podman HyperV Machine

Summary A command injection vulnerability exists in Podman's HyperV machine backend. The VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $ subexpression injection. Affected Code File: pkg/machine/hyperv/stubber.go:647 go resize :=...

8.8CVSS6.1AI score0.00607EPSS
Exploits0References4Affected Software2
osv
osv
added 2026/03/26 8:47 p.m.5 views

CVE-2026-33623 PinchTab: OS Command Injection via Profile Name in Windows Cleanup Routine Enables Arbitrary Command Execution

PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab v0.8.4 contains a Windows-only command injection issue in the orphaned Chrome cleanup path. When an instance is stopped, the Windows cleanup routine builds a PowerShell -Command string using a...

6.7CVSS6.7AI score0.02904EPSS
Exploits1References4
euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-28320

Malware in sbrugna...

9CVSS8.6AI score0.03353EPSS
Exploits0References2
gitee
gitee
added 2025/09/14 12:1 p.m.172 views

spraywmi

Exploit module/toolkit targeting Windows systems via WMI Windows Management Instrumentation spraying. The tool, named SprayWMI, is designed to mass spray Unicorn PowerShell injection to CIDR notations. It is a Python-based tool that uses the pexpect library to interact with the Windows Management...

7.7AI score
Exploits0
osv
osv
added 2022/12/22 8:15 p.m.5 views

CVE-2022-22744

The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.This bug only affects Thunderbird for Windows. Other operating systems are unaffected.. This vulnerability...

8.8CVSS7.4AI score0.01344EPSS
Exploits0References4
nvd
nvd
added 2021/04/07 3:15 p.m.23 views

CVE-2021-28927

The text-to-speech engine in libretro RetroArch for Windows 1.9.0 passes unsanitized input to PowerShell through platformwin32.c via the accessibilityspeakwindows function, which allows attackers who have write access on filesystems that are used by RetroArch to execute code via command injection...

7.8CVSS0.01382EPSS
Exploits1References2
bdu_fstec
bdu_fstec
added 2019/01/10 12:0 a.m.6 views

The vulnerability of the Device Guard component of the Windows operating system allows a hacker to inject arbitrary code into a Windows PowerShell session.

The vulnerability of the Device Guard component in the Windows operating system is related to security configuration errors. Exploiting this vulnerability could allow a local attacker to inject arbitrary code into the Windows PowerShell session...

5.3CVSS7AI score0.02021EPSS
Exploits0References4
osv
osv
added 2018/10/10 1:29 p.m.4 views

CVE-2018-8492

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019...

5.3CVSS5.9AI score0.02021EPSS
Exploits0References3
osv
osv
added 2018/08/15 5:29 p.m.4 views

CVE-2018-8200

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers...

5.3CVSS5.9AI score0.01412EPSS
Exploits0References3
Rows per page
Query Builder