Lucene search
K

13309 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/02 3:19 p.m.6 views

CVE-2026-44941

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.4CVSS5.8AI score0.00533EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/07/02 3:19 p.m.39 views

CVE-2026-44941 libzypp path traversal via "keyhint" in repomd.xml

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.4CVSS0.00533EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/07/02 3:19 p.m.11 views

CVE-2026-44941 libzypp path traversal via "keyhint" in repomd.xml

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.4CVSS5.8AI score0.00533EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/07/02 3:19 p.m.5 views

CVE-2026-44941

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.8CVSS5.9AI score0.00533EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/07/02 3:11 p.m.7 views

USN-8496-1: cifs-utils vulnerability

It was discovered that cifs-utils incorrectly dropped root privileges before looking up user information. A local attacker could possibly use this issue to execute arbitrary code as the root user...

7.8CVSS6.1AI score0.0012EPSS
Exploits0
NVD
NVD
added 2026/07/02 1:17 p.m.9 views

CVE-2026-58652

luci-app-travelmate and the travelmate package contain a privilege-escalation flaw: a LuCI/rpcd session holding the luci-app-travelmate write ACL is granted config-wide UCI write access to the travelmate configuration. While the LuCI UI restricts the auto-login script picker to...

7.7CVSS0.00482EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/02 12:28 p.m.8 views

EUVD-2026-41366

luci-app-travelmate and the travelmate package contain a privilege-escalation flaw: a LuCI/rpcd session holding the luci-app-travelmate write ACL is granted config-wide UCI write access to the travelmate configuration. While the LuCI UI restricts the auto-login script picker to...

7.7CVSS6.1AI score0.00482EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/07/02 12:28 p.m.35 views

CVE-2026-58652 luci-app-travelmate - Arbitrary Command Execution via UCI Script Parameter

luci-app-travelmate and the travelmate package contain a privilege-escalation flaw: a LuCI/rpcd session holding the luci-app-travelmate write ACL is granted config-wide UCI write access to the travelmate configuration. While the LuCI UI restricts the auto-login script picker to...

7.7CVSS0.00482EPSS
Exploits0References7
NVD
NVD
added 2026/07/01 8:17 p.m.4 views

CVE-2026-58457

Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02 contains an unauthenticated OS command injection vulnerability that allows network-adjacent attackers to execute arbitrary shell commands by injecting unsanitized input through the smacfilterconf handler in the commuos web backend. Attackers...

9.8CVSS0.01671EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 7:22 p.m.6 views

EUVD-2026-41128

Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02 contains an unauthenticated OS command injection vulnerability that allows network-adjacent attackers to execute arbitrary shell commands by injecting unsanitized input through the smacfilterconf handler in the commuos web backend. Attackers...

9.8CVSS6.1AI score0.01671EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/01 7:22 p.m.32 views

CVE-2026-58457 Shenzhen Aitemi M300 MT02 Unauthenticated OS Command Injection via protocol.csp

Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02 contains an unauthenticated OS command injection vulnerability that allows network-adjacent attackers to execute arbitrary shell commands by injecting unsanitized input through the smacfilterconf handler in the commuos web backend. Attackers...

9.8CVSS0.01671EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/01 7:22 p.m.5 views

CVE-2026-58457

Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02 contains an unauthenticated OS command injection vulnerability that allows network-adjacent attackers to execute arbitrary shell commands by injecting unsanitized input through the smacfilterconf handler in the commuos web backend. Attackers...

9.8CVSS6.1AI score0.01671EPSS
Exploits0References4
CVE
CVE
added 2026/07/01 7:22 p.m.14 views

CVE-2026-58457

CVE-2026-58457 affects Shenzhen Aitemi M300 MT02 (Wi‑Fi Repeater). An unauthenticated OS command injection exists in the commuos web backend via the smacfilter_conf handler. Attackers can append semicolon-delimited payloads to the name, enable, or mac GET parameters, which are unsanitized and pas...

9.8CVSS6.1AI score0.01671EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 6:16 p.m.3 views

DEBIAN-CVE-2026-46680

containerd is an open-source container runtime. In versions prior to 1.7.32, 2.0.9, 2.2.4 and 2.3.1, containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username, leading to runAsNonRoot evasion. If a crafted image provides an...

7.8CVSS5.7AI score0.00221EPSS
Exploits1References1
CVE
CVE
added 2026/07/01 5:40 p.m.189 views

CVE-2026-46680

CVE-2026-46680 concerns containerd, the container runtime. A flaw in how numeric User directives are parsed (not a 32-bit integer) can cause such values to be treated as usernames, enabling runAsNonRoot evasion. If a crafted image supplies an /etc/passwd mapping that maps this large numeric strin...

7.8CVSS5.7AI score0.00221EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/01 2:7 p.m.4 views

CVE-2026-12374

Improper certificate validation and a time-of-check time-of-use TOCTOU race condition in the PrivilegedHelperTool XPC service in Cato Client before v.5.13.1 on macOS allows a local authenticated attacker to escalate privileges to root via a self-signed certificate that bypasses the XPC caller...

7.3CVSS5.8AI score0.00055EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/07/01 12:34 a.m.9 views

EUVD-2026-40844

Storage Concentrator SC & SCVM contains a command injection vulnerability within the debug.pl script that is reachable without authentication. A remote attacker can submit a specially crafted HTTP request containing a malicious payload that is processed without adequate input sanitization,...

10CVSS6.2AI score0.03074EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.8 views

PT-2026-54917

Name of the Vulnerable Software and Affected Versions Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02 affected versions not specified Description An unauthenticated OS command injection exists in the commuos web backend. Network-adjacent attackers can execute arbitrary shell commands by...

9.8CVSS6AI score0.01671EPSS
Exploits0References9
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-56415

Storage Concentrator SC & SCVM contains a command injection vulnerability within the debug.pl script that is reachable without authentication. A remote attacker can submit a specially crafted HTTP request containing a malicious payload that is processed without adequate input sanitization,...

10CVSS0.03074EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 11:17 p.m.8 views

CVE-2026-56413

Storage Concentrator SC & SCVM contains a command injection vulnerability in the msservice.pl service, which listens on TCP port 9000 by default and accepts custom network packets to perform device actions. An unauthenticated remote attacker can send a specially crafted packet containing a...

10CVSS0.03081EPSS
Exploits0References3
Rows per page
Query Builder