Lucene search
K

746 matches found

Vulnrichment
Vulnrichment
added 2025/12/23 9:40 p.m.4 views

CVE-2025-13698 Deciso OPNsense diag_backup.php filename Directory Traversal Arbitrary File Creation Vulnerability

Deciso OPNsense diagbackup.php filename Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of Deciso OPNsense. Authentication is required to exploit this vulnerability. The specific fl...

4.5CVSS6.2AI score0.00461EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/23 9:33 p.m.24 views

CVE-2025-13716 Tencent MimicMotion create_pipeline Deserialization of Untrusted Data Remote Code Execution Vulnerability

Tencent MimicMotion createpipeline Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent MimicMotion. User interaction is required to exploit this vulnerability in that the...

7.8CVSS0.00411EPSS
Exploits0References2
CVE
CVE
added 2025/12/23 9:33 p.m.10 views

CVE-2025-13707

CVE-2025-13707 affects Tencent HunyuanDiT, specifically the model_resume function. The vulnerability arises from insufficient validation of user-supplied data, allowing deserialization of untrusted data and leading to remote code execution with root privileges. Exploitation requires user interact...

7.8CVSS7.9AI score0.00411EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2025/12/01 12:0 a.m.4 views

Tencent MimicMotion create_pipeline Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent MimicMotion. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS7.3AI score0.00411EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/12/01 12:0 a.m.6 views

Tencent NeuralNLP-NeuralClassifier _load_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent NeuralNLP-NeuralClassifier. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

7.8CVSS7.3AI score0.00411EPSS
Exploits0References1
CVE
CVE
added 2025/11/06 8:10 p.m.21 views

CVE-2025-12490

The CVE-2025-12490 entry describes a path traversal in Netgate pfSense CE Suricata that allows remote creation of arbitrary files with root privileges. The root cause is inadequate validation of a user-supplied path before file operations within the Suricata package, requiring authentication to e...

8.8CVSS6.8AI score0.18693EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/06 8:10 p.m.3 views

CVE-2025-12490 Netgate pfSense CE Suricata Path Traversal Remote Code Execution Vulnerability

Netgate pfSense CE Suricata Path Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Netgate pfSense. Authentication is required to exploit this vulnerability. The specific flaw exists within the Suricata...

8.8CVSS6.8AI score0.18693EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-3823

Malware in sbrugna...

7.8CVSS7.7AI score0.00427EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-5262

Malicious code in bioql PyPI...

4.3CVSS6.3AI score0.02592EPSS
Exploits0References17
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-2746

Malicious code in bioql PyPI...

6.1CVSS7.5AI score0.00363EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-21353

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.0075EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-1860

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01105EPSS
Exploits0References3
CNVD
CNVD
added 2025/08/18 12:0 a.m.3 views

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20289)

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...

6.8CVSS8.1AI score0.00923EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/18 12:0 a.m.3 views

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20424)

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...

6.8CVSS8.1AI score0.00964EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/18 12:0 a.m.3 views

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20419)

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...

6.8CVSS8.1AI score0.00972EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/18 12:0 a.m.2 views

Kenwood DMX958XR libSystemLib Function OS Command Injection Vulnerability

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. An operating system command injection vulnerability exists in the Kenwood DMX958XR libSystemLib function, which can be exploited by an attacker to execute code in a root context...

6.8CVSS8.1AI score0.00685EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/18 12:0 a.m.3 views

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20427)

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...

6.8CVSS8.1AI score0.00923EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/18 12:0 a.m.2 views

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20426)

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...

6.8CVSS8.1AI score0.00685EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/18 12:0 a.m.2 views

Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20425)

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...

6.8CVSS8.1AI score0.00964EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/10 12:0 a.m.3 views

Alpine iLX-507 Stack Buffer Overflow Vulnerability

The Alpine iLX-507 is a multimedia receiver from Alpine USA. The Alpine iLX-507 suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute code in a root context...

6.8CVSS7.8AI score0.0024EPSS
Exploits0References1
Rows per page
Query Builder