Lucene search
K

17036 matches found

Tenable Nessus
Tenable Nessus
added 5 days ago9 views

Linux Distros Unpatched Vulnerability : CVE-2012-0500

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and JavaFX 2.0.2 and...

10CVSS7.2AI score0.58974EPSS
Exploits17References2
NVD
NVD
added 6 days ago14 views

CVE-2025-71356

picklescan before 0.0.28 fails to detect malicious torch.fx.experimental.symbolicshapes.ShapeEnv.evaluateguardsexpression function calls in pickle files. Attackers can embed undetected code in pickle files that executes remote code when loaded by victims...

8.1CVSS0.003EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago8 views

EUVD-2025-210417

picklescan before 0.0.29 fails to detect malicious pickle files using idlelib.calltip.getentity function in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims...

8.1CVSS6.1AI score0.003EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago36 views

CVE-2025-71360 picklescan - Remote Code Execution via Undetected idlelib.calltip.get_entity

picklescan before 0.0.29 fails to detect malicious pickle files using idlelib.calltip.getentity function in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims...

8.1CVSS0.003EPSS
Exploits0References2
CVE
CVE
added 6 days ago19 views

CVE-2025-71347

The vulnerability concerns picklescan prior to 0.0.33, which fails to detect malicious pickle files that rely on numpy.f2py.crackfortran.param_eval in reduce methods. This allows remote attackers to embed code that executes during deserialization in applications that load untrusted pickle data, e...

8.1CVSS6.6AI score0.00445EPSS
Exploits0References2
CVE
CVE
added 6 days ago18 views

CVE-2025-71342

CVE-2025-71342 affects picklescan prior to 0.0.30, which fails to detect malicious pickle files that use idlelib.run.Executive.runcode in reduce methods. This can allow code embedded in pickle files to execute during pickle.load, enabling remote code execution in PyTorch models and related supply...

8.1CVSS6.6AI score0.00427EPSS
Exploits0References2
Cvelist
Cvelist
added last week39 views

CVE-2026-58288 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

...

8.3CVSS0.00438EPSS
Exploits0References1
EUVD
EUVD
added last week8 views

EUVD-2026-41551

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Improper Neutralization of Special Elements used in an OS Command 'OS...

7.2CVSS6.1AI score0.01216EPSS
Exploits0References1
CVE
CVE
added last week22 views

CVE-2026-49814

CVE-2026-49814 affects Dell PowerProtect Data Domain, including versions 7.7.1.0–8.7 and several LTS releases (8.6.1.0–8.6.1.10, 8.3.1.0–8.3.1.30, 7.13.1.0–7.13.1.70). The vulnerability is an OS Command Injection due to improper neutralization of special elements, allowing a high-privilege, remot...

7.2CVSS6.1AI score0.01216EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added last week7 views

EUVD-2026-41549

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special Elements used in an OS command 'OS...

7.2CVSS6.2AI score0.01096EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added last week6 views

CVE-2026-49815

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special Elements used in an OS command 'OS...

7.2CVSS6.2AI score0.01096EPSS
Exploits0References2
NVD
NVD
added last week9 views

CVE-2026-26355

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special Elements used in an OS command 'OS...

6.5CVSS0.01052EPSS
Exploits0References1
CVE
CVE
added last week13 views

CVE-2026-26355

Dell PowerProtect Data Domain: OS command injection vulnerability affects 7.7.1.0–8.7, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, LTS2024 7.13.1.0–7.13.1.70. A high-privilege attacker with remote access could potentially achieve command execution. No explicit remediation details are prov...

6.5CVSS6AI score0.01052EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.12 views

PT-2026-55546

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain LTS2026 release versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain LTS2025 release versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data...

7.2CVSS6.2AI score0.01096EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.12 views

PT-2026-55529

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data Domain versions 7.13.1.0 through...

6.5CVSS6.2AI score0.01052EPSS
Exploits0References6
Nuclei
Nuclei
added 2026/07/02 9:36 a.m.81 views

TP-Link Archer AX21 (AX1800) - Unauthenticated Command Injection

TP-Link Archer AX21 AX1800 routers are vulnerable to unauthenticated OS command injection via the country parameter in the locale endpoint. This allows remote attackers to execute arbitrary commands as root. id: CVE-2023-1389 info: name: TP-Link Archer AX21 AX1800 - Unauthenticated Command...

8.8CVSS7.8AI score0.99999EPSS
Exploits7References3
Nuclei
Nuclei
added 2026/07/02 9:36 a.m.39 views

Laravel Livewire v3 - Remote Command Execution

Livewire v3 Laravel contains a vulnerability in its component hydration/update mechanism that can be exploited to reach remote command execution RCE without authentication under certain conditions. id: CVE-2025-54068 info: name: Laravel Livewire v3 - Remote Command Execution author: flame-11...

9.8CVSS7.7AI score0.95376EPSS
Exploits5References5
EUVD
EUVD
added 2026/07/02 12:31 a.m.5 views

EUVD-2026-41186

Out of bounds write in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

6.2AI score0.00275EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/01 8:47 p.m.31 views

CVE-2026-54074 @tinacms/cli: Remote Code Execution via Forestry migration — unsanitised __TINA_INTERNAL__ marker in user-controlled YAML labels

Tina is a headless content management system. @tinacms/cli versions prior to 2.4.3 contain a Remote Code Execution vulnerability in the Forestry-to-Tina migration command. The internal helper addVariablesToCode unquotes any value matching the marker "TINAINTERNAL:::.?:::" inside the stringified...

7.8CVSS0.0017EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/01 8:5 p.m.6 views

Malicious code in twrap-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9903cc9163ada9951dee4ee1f364648cac0e492df9a32582ad3ed8303d29231 twraptool/init.py defines two public functions, formatblock and aligncolumns, whose real behavior is to fetch a Python file from...

6.1AI score
Exploits0References2
Rows per page
Query Builder