Lucene search
K

145 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-54976

Malicious code in bioql PyPI...

6.7CVSS6.7AI score0.00479EPSS
Exploits0References1
CNVD
CNVD
added 2025/09/23 12:0 a.m.6 views

IBM Watsonx.data OS Command Injection Vulnerability

IBM Watsonx.data is an open data lake warehouse platform from International Business Machines IBM. An operating system command injection vulnerability exists in IBM Watsonx.data version 2.2 that stems from not properly validating user input and can be exploited by an attacker to cause a privilege...

7.2CVSS7.9AI score0.00315EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/09 1:50 p.m.9 views

CVE-2024-45325

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerabilities CWE-78 in Fortinet FortiDDoS-F version 7.0.0 through 7.02 and before 6.6.3 may allow a privileged attacker to execute unauthorized code or commands via crafted CLI requests...

6.7CVSS0.00479EPSS
Exploits0References1
OSV
OSV
added 2025/09/02 6:15 p.m.7 views

CVE-2025-51966

A cross-site scripting XSS vulnerability exists in the PDF preview functionality of uTools thru 7.1.1. When a user previews a specially crafted PDF file, embedded JavaScript code executes within the application's privileged context, potentially allowing attackers to steal sensitive data or perfor...

6.1CVSS5.7AI score0.00234EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.5 views

HomeAssistant-Tapo: Cameras Control 代码注入漏洞

HomeAssistant-Tapo: Cameras Control is a Tapo camera controller by the individual developer Juraj Nyíri. A code injection vulnerability exists in HomeAssistant-Tapo: Cameras Control, which stems from a code injection vulnerability in the GitHub Actions workflow that could lead to the execution of...

8.6CVSS7.7AI score0.0032EPSS
Exploits0References3
NVD
NVD
added 2025/08/12 7:15 p.m.5 views

CVE-2023-45584

A double free vulnerability CWE-415 vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiProxy 7.4.0 through 7.4.1, FortiProxy 7.2.0 through 7.2.7, FortiProxy 7.0.0...

7.2CVSS0.00568EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/08/12 6:59 p.m.3 views

CVE-2025-32766

A stack-based buffer overflow vulnerability CWE-121 in Fortinet FortiWeb CLI version 7.6.0 through 7.6.3 and before 7.4.8 allows a privileged attacker to execute arbitrary code or commands via crafted CLI commands...

6.7CVSS6.6AI score0.00135EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/07/10 3:15 p.m.3 views

ALPINE-CVE-2025-27614

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...

8.6CVSS6.8AI score0.00314EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/24 1:39 a.m.15 views

CVE-2025-34041 Sangfor Endpoint Detection and Response OS Command Injection

An OS command injection vulnerability exists in the Chinese versions of Sangfor Endpoint Detection and Response EDR management platform versions 3.2.16, 3.2.17, and 3.2.19. The vulnerability allows unauthenticated attackers to construct and send malicious HTTP requests to the EDR Manager interfac...

10CVSS0.06969EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/03 12:0 a.m.4 views

IBM Cloud Pak for Security和IBM QRadar Suite 代码注入漏洞

IBM Cloud Pak for Security is a software application. An open security platform that connects to your existing data sources to generate deeper insights and enables you to take automated action faster.IBM QRadar Suite is an integrated security information and event management SIEM solution for...

7.2CVSS7.3AI score0.00555EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/09 12:0 a.m.6 views

IBM Storage Scale 命令注入漏洞

IBM Storage Scale is a storage solution from International Business Machines IBM designed to help organizations effectively manage and scale storage resources to meet growing data storage needs. A command injection vulnerability exists in IBM Storage Scale versions 5.2.2.0 and 5.2.2.1 that stems...

8.8CVSS7.5AI score0.0034EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2025/04/22 3:16 p.m.5 views

CVE-2025-1951

IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands as a privileged user due to execution of commands with unnecessary privileges...

8.4CVSS6.1AI score0.00217EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2025/04/08 2:15 p.m.4 views

CVE-2024-54025

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiIsolator CLI before version 2.4.6 allows a privileged attacker to execute unauthorized code or commands via crafted CLI requests...

6.7CVSS6AI score0.00434EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2025/03/24 9:30 p.m.7 views

OpenDaylight SFC Allows Unauthorized Privileged Execution via Crafted Request

An issue in the Shiro-based RBAC Role-based Access Control mechanism of OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allows attackers to execute privileged operations via a crafted request...

9.8CVSS7.2AI score0.00378EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2024/12/05 12:0 a.m.10 views

Fedora: Security Advisory (FEDORA-2024-0cab161b46)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS5.8AI score0.00298EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/12/05 12:0 a.m.9 views

Fedora 40 : tuned (2024-0cab161b46)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-0cab161b46 advisory. This is new version that fixes CVE-2024-52336 and CVE-2024-52337 which allowed privileged execution by non-privileged active local user and log...

7.8CVSS6.8AI score0.00298EPSS
Exploits0References3
OSV
OSV
added 2024/09/30 7:15 p.m.4 views

CVE-2024-28811

An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote privileged attacker to execute applications contained in a specific OS directory via HTTP invocations...

3.3CVSS5.9AI score0.00342EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/02 12:0 a.m.8 views

HMS Networks HMS Cosy+ 安全漏洞

HMS Networks HMS Cosy+ is an application for industrial remote access from HMS Networks, Sweden. A security vulnerability exists in HMS Networks HMS Cosy+ that stems from the presence of insecure privileges to execute multiple processes with elevated privileges...

8.8CVSS7.4AI score0.00848EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/04/02 12:0 a.m.7 views

PT-2024-18752 · Libifaaca · Libifaaca

Name of the Vulnerable Software and Affected Versions: libIfaaCa versions prior to SMR Apr-2024 Release 1 Description: The issue is related to an out-of-bound write vulnerability in the command parsing implementation. This allows local privileged attackers to execute arbitrary code...

6.7CVSS7.7AI score0.00175EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/03/25 7:39 p.m.8 views

Mozilla: Privileged JavaScript Execution via Event Handlers

The Mozilla Foundation Security Advisory describes this flaw as: An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process...

8.4CVSS7.6AI score0.047EPSS
Exploits0References5
Rows per page
Query Builder