Lucene search
K

126 matches found

NVD
NVD
added 3 days ago6 views

CVE-2026-15481

A security flaw has been discovered in Trendnet TEW-635BRM up to 1.00.03. This vulnerability affects the function ipoatest of the file /sbin/rc of the component IPoA WAN Connection Setup. Performing a manipulation of the argument ipoaipaddr results in command injection. The attack is possible to ...

9CVSS0.01514EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-15481 Trendnet TEW-635BRM IPoA WAN Connection Setup rc ipoa_test command injection

A security flaw has been discovered in Trendnet TEW-635BRM up to 1.00.03. This vulnerability affects the function ipoatest of the file /sbin/rc of the component IPoA WAN Connection Setup. Performing a manipulation of the argument ipoaipaddr results in command injection. The attack is possible to ...

9CVSS0.01514EPSS
Exploits0References5
CVE
CVE
added 3 days ago14 views

CVE-2026-15481

The CVE-2026-15481 affects Trendnet TEW-635BRM firmware up to 1.00.03, specifically the IPoA WAN Connection Setup component’s /sbin/rc function ipoa_test. A manipulation of the ipoa_ipaddr argument enables remote command injection, with network access as the attack vector and no user interaction ...

9CVSS6.7AI score0.01514EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/06 12:43 a.m.10 views

CVE-2026-10870

A flaw has been found in Shibby Tomato 1.28.0000. This affects the function startdhcpc of the file /sbin/rc of the component Web UI. This manipulation causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This project is...

8.6CVSS6.7AI score0.02199EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 8:30 p.m.8 views

CVE-2026-10870

A flaw has been found in Shibby Tomato 1.28.0000. This affects the function startdhcpc of the file /sbin/rc of the component Web UI. This manipulation causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This project is...

8.6CVSS6.8AI score0.02199EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/04 8:30 p.m.15 views

EUVD-2026-34323

A flaw has been found in Shibby Tomato 1.28.0000. This affects the function startdhcpc of the file /sbin/rc of the component Web UI. This manipulation causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This project is...

8.6CVSS6.8AI score0.02199EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Shibby Tomato 操作系统命令注入漏洞

Shibby Tomato is a third-party router firmware developed by Shibby’s individual developers. Version 1.28.0000 of Shibby Tomato contains a vulnerability related to operating system command injection. This vulnerability stems from the startdhcpc function in the /sbin/rc file within the Web UI...

8.6CVSS7.1AI score0.02199EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Shibby Tomato 操作系统命令注入漏洞

Shibby Tomato is a third-party router firmware developed by Shibby’s individual developers. Version 1.28.0000 of Shibby Tomato contains a vulnerability related to operating system command injection. This vulnerability arises from the operation of the start6rdtunnel function in the /sbin/rc file...

8.6CVSS7.2AI score0.02199EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/03/05 12:48 a.m.6 views

CVE-2026-29121 `/sbin/ip` Binary given SETUID Permissions on IDC SFX2100 Leading to Potential LPE

International Data Casting IDC SFX2100 satellite receiver comes with the /sbin/ip utility installed with the setuid bit set. This configuration grants elevated privileges to any local user who can execute the binary. A local actor is able to use the GTFObins resource to preform privileged file...

9.2CVSS5.8AI score0.00148EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-15494

Malware in sbrugna...

7.5CVSS7.6AI score0.02248EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29841

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.07359EPSS
Exploits1References7
SUSE Linux
SUSE Linux
added 2025/04/10 8:1 a.m.0 views

Security update for apparmor

This update for apparmor fixes the following issue: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...

7.7AI score
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/04/03 2:18 p.m.3 views

Security update for apparmor

This update for apparmor fixes the following issue: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...

7.7AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/03 12:0 a.m.5 views

PT-2025-19699 · Opensuse +1 · Apparmor +1

Name of the Vulnerable Software and Affected Versions: apparmor affected versions not specified Description: This issue allows dovecot-auth to execute the unix check password function from /sbin, not only from /usr/bin. Recommendations: At the moment, there is no information about a newer version...

7.2AI score
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/04/02 9:38 a.m.3 views

Security update for apparmor

This update for apparmor fixes the following issue: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...

7.7AI score
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/03/31 9:4 a.m.1 views

Security update for apparmor

This update for apparmor fixes the following issues: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...

7.7AI score
Exploits0References2
Cvelist
Cvelist
added 2024/10/11 12:0 a.m.14 views

CVE-2024-46215

A vulnerability was discovered in KM08-708H-v1.1, There is a buffer overflow in the sub445BDC function within the /usr/sbin/goahead program; The strcpy function is executed without checking the length of the string, leading to a buffer overflow...

0.02852EPSS
Exploits0References2
CVE
CVE
added 2024/10/11 12:0 a.m.55 views

CVE-2024-46215

KM08-708H-v1.1 contains a buffer overflow in the /usr/sbin/goahead binary, caused by unsafe use of strcpy in the sub_445BDC() function. This vulnerability is documented across multiple feeds (NVD/Red Hat/CVE records) and affects the KM08-708H device. Exploitation details are not provided in these...

6.5CVSS7.7AI score0.02852EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/15 12:0 a.m.29 views

openSUSE 15 Security Update : amanda (openSUSE-SU-2023:0069-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0069-1 advisory. - A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the...

6.7CVSS6.8AI score0.01246EPSS
Exploits3References7
UbuntuCve
UbuntuCve
added 2023/01/30 12:0 a.m.37 views

CVE-2022-37704

Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure...

6.7CVSS6.7AI score0.00526EPSS
Exploits1References5
Rows per page
Query Builder