Lucene search
+L

315 matches found

NVD
NVD
added 2026/04/28 10:16 p.m.5 views

CVE-2026-41446

Snap One WattBox 800 and 820 series firmware versions prior to 2.10.0.0 contain undisclosed diagnostic HTTP endpoints that require only the device MAC address and service tag for authentication, both of which are printed in plaintext on the physical device label. Attackers with access to the devi...

9.8CVSS0.00433EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/20 9:11 p.m.8 views

Command Injection

Overview flowsint is an Add your description here Affected versions of this package are vulnerable to Command Injection via the orgtoasn transform process. An attacker can execute arbitrary operating system commands as root on the host machine by supplying shell metacharacters and escaping the...

10CVSS6.1AI score0.00506EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/20 7:56 p.m.7 views

CVE-2026-32311

Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Flowsint allows a user to create investigations, which are used to manage sketches and analyses. Sketches have controllable graphs, which are comprised of nodes and...

10CVSS6.2AI score0.00506EPSS
Exploits1References3
CVE
CVE
added 2026/04/20 4:44 p.m.13 views

CVE-2026-26951

CVE-2026-26951 affects Dell PowerProtect Data Domain. The advisory states a stack-based buffer overflow in the product affecting: 7.7.1.0–8.6, LTS2025 8.3.1.0–8.3.1.20, and LTS2024 7.13.1.0–7.13.1.60. The vulnerability could be exploited by a high-privilege attacker with local access to achieve a...

6.7CVSS6.4AI score0.0013EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2026/04/20 4:44 p.m.8 views

CVE-2026-26951

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a stack-based buffer overflow vulnerability. A high privileged attacker with local access could potentially exploit this...

6.7CVSS6.4AI score0.0013EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/20 4:15 p.m.7 views

CVE-2026-24505

Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges...

7.2CVSS6.1AI score0.00417EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/20 7:44 a.m.4 views

CVE-2026-5967

ThreatSonar Anti-Ransomware developed by TeamT5 has an Privilege Escalation vulnerability. Authenticated remote attackers with shell access can inject OS commands and execute them with root privileges...

8.8CVSS5.9AI score0.00372EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.11 views

Dell PowerProtect Data Domain(Dell PowerProtect DD) 安全漏洞

Dell PowerProtect Data Domain is a set of hardware devices developed by the American company Dell, used for data protection, backup, storage, and de-duplication. Vulnerabilities exist in versions 7.7.1.0 to 8.6 of Dell PowerProtect Data Domain, as well as in LTS2025 versions 8.3.1.0 to 8.3.1.20 a...

7.2CVSS6.1AI score0.00441EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.10 views

PT-2026-33793

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this...

7.2CVSS6.1AI score0.00441EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.13 views

Dell PowerProtect Data Domain(Dell PowerProtect DD) 安全漏洞

Dell PowerProtect Data Domain is a set of hardware devices developed by the American company Dell, used for data protection, backup, storage, and de-duplication. Vulnerabilities exist in versions 7.7.1.0 to 8.6 of Dell PowerProtect Data Domain, as well as in LTS2025 versions 8.3.1.0 to 8.3.1.20 a...

6.7CVSS6.3AI score0.0013EPSS
Exploits0References1
CVE
CVE
added 2026/04/17 10:57 a.m.21 views

CVE-2026-35074

CVE-2026-35074 affects Dell PowerProtect Data Domain products: 7.7.1.0–8.7.0.0, LTS2025 8.3.1.0–8.3.1.20, and LTS2024 7.13.1.0–7.13.1.60. The issue is an improper neutralization of special elements used in an OS command injection vulnerability, enabling a high-privilege local attacker to execute ...

6.7CVSS6AI score0.00571EPSS
Exploits0References1Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:38 p.m.4 views

CVE-2026-33791

An OS Command Injection vulnerability in the CLI processing of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker executing specific, crafted CLI commands to inject arbitrary shell commands as root, leading to a complete compromise of the system. Certain 'set...

8.4CVSS6AI score0.00692EPSS
Exploits0References2Affected Software2
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.11 views

Amazon Web Services Research and Engineering Studio 安全漏洞

Amazon Web Services Research and Engineering Studio is a cloud-based research and engineering environment of Amazon, Inc. There is a security vulnerability in the version of Amazon Web Services Research and Engineering Studio from March 2025 to December 1, 2025. This vulnerability stems from the...

8.8CVSS7.6AI score0.00994EPSS
Exploits1References4
Snyk
Snyk
added 2026/04/04 6:4 a.m.6 views

Command Injection

Overview @budibase/shared-core is a Shared data utils Affected versions of this package are vulnerable to Command Injection via the public webhook endpoint. An attacker can execute arbitrary commands as the root user within the application container and exfiltrate sensitive environment secrets by...

9.5CVSS6.1AI score0.11982EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/04/03 12:0 a.m.5 views

Cisco Nexus Dashboard Configuration Backup REST API Unauthorized Access (cisco-sa-nd-cbid-5YqkOSHu)

According to its self-reported version, Cisco Nexus Dashboard is affected by a vulnerability. - A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Config-only backup files to access sensitive...

6.5CVSS6.1AI score0.00293EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/02 4:56 p.m.6 views

CVE-2026-20042

A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Config-only backup files to access sensitive information. This vulnerability exists because authentication details are included in the encrypt...

6.5CVSS6.1AI score0.00293EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/02 4:56 p.m.5 views

CVE-2026-20094

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with read-only privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user. This vulnerability is due to improper validation o...

8.8CVSS6.2AI score0.01094EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/01 6:36 p.m.3 views

EUVD-2026-17935

A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Config-only backup files to access sensitive information. This vulnerability exists because authentication details are included in the encrypt...

6.5CVSS6.1AI score0.00293EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/01 4:29 p.m.24 views

CVE-2026-20160 Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability

A vulnerability in Cisco Smart Software Manager On-Prem SSM On-Prem could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected SSM On-Prem host. This vulnerability is due to the unintentional exposure of an internal service. An...

9.8CVSS0.00914EPSS
Exploits0References1
CVE
CVE
added 2026/04/01 4:29 p.m.86 views

CVE-2026-20160

Cisco Smart Software Manager On-Prem (SSM On-Prem) is affected by CVE-2026-20160 due to an unintended exposure of an internal service. An unauthenticated, remote attacker could send a crafted request to the exposed service API and execute commands on the underlying OS with root-level privileges. ...

9.8CVSS6.2AI score0.00914EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder