Lucene search
K

358 matches found

Vulnrichment
Vulnrichment
added 2025/04/10 8:9 a.m.14 views

CVE-2025-32140 WordPress WP Remote Thumbnail Plugin <= 1.3.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Nirmal Kumar Ram WP Remote Thumbnail allows Upload a Web Shell to a Web Server. This issue affects WP Remote Thumbnail: from n/a through 1.3.1...

9.9CVSS6.9AI score0.00472EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/04/10 12:0 a.m.11 views

MongoDB Shell < 2.3.9 Control Character Injection (MONGOSH-2024, MONGOSH-2025, MONGOSH-2026)

The version of MongoDB Shell installed on the remote host is prior to 2.3.9. It is, therefore, affected by a vulnerability as referenced in the MONGOSH-2024, MONGOSH-2025, MONGOSH-2026 advisories. - The MongoDB Shell may be susceptible to control character injection where an attacker with control...

8.8CVSS6AI score0.00287EPSS
Exploits0References6
NVD
NVD
added 2025/04/08 6:16 p.m.16 views

CVE-2025-27729

Use after free in Windows Shell allows an unauthorized attacker to execute code locally...

7.8CVSS0.00736EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/08 5:24 p.m.12 views

CVE-2025-27729 Windows Shell Remote Code Execution Vulnerability

...

7.8CVSS7.2AI score0.00736EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/04/08 7:0 a.m.100 views

Windows Shell Remote Code Execution Vulnerability

Use after free in Windows Shell allows an unauthorized attacker to execute code locally...

7.8CVSS7.7AI score0.00736EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.4 views

PT-2025-15553 · Microsoft · Windows Shell +1

Name of the Vulnerable Software and Affected Versions: Windows Shell affected versions not specified Description: The issue is related to a use after free condition in the Windows Shell, which allows an unauthorized attacker to execute code locally. Recommendations: At the moment, there is no...

7.8CVSS8.5AI score0.00736EPSS
Exploits0References9
SUSE Linux
SUSE Linux
added 2025/04/04 1:31 p.m.4 views

Security update for google-guest-agent

This update for google-guest-agent fixes the following issues: CVE-2024-45337: golang.org/x/crypto/ssh: Fixed misuse of ServerConfig.PublicKeyCallback leading to authorization bypass bsc1234563. Other fixes: - Updated to version 20250327.01 bsc1239763, bsc1239866 Remove error messages from...

8.1CVSS6.8AI score0.03153EPSS
Exploits2References8
NVD
NVD
added 2025/03/28 7:15 p.m.21 views

CVE-2025-2922

A vulnerability classified as problematic was found in Netis WF-2404 1.1.124EN. Affected by this vulnerability is an unknown functionality of the component BusyBox Shell. The manipulation leads to cleartext storage of sensitive information. It is possible to launch the attack on the physical...

2CVSS0.00125EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/19 12:0 a.m.4 views

RockyLinux 9 : gnome-shell and gnome-shell-extensions (RLSA-2024:9114)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:9114 advisory. gnome-shell: code execution in portal helper CVE-2024-36472 Tenable has extracted the preceding description block directly from the RockyLinux security advisory...

6.5CVSS7.2AI score0.00299EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/11 9:1 p.m.26 views

CVE-2025-28915 WordPress ThemeEgg ToolKit plugin <= 1.2.9 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit themeegg-toolkit allows Upload a Web Shell to a Web Server.This issue affects ThemeEgg ToolKit: from n/a through = 1.2.9...

9.1CVSS0.01188EPSS
Exploits3References1
Github Security Blog
Github Security Blog
added 2025/02/27 3:31 p.m.32 views

MongoDB Shell may be susceptible to control character Injection via shell output

The MongoDB Shell may be susceptible to control character injection where an attacker with control over the database cluster contents can inject control characters into the shell output. This may result in the display of falsified messages that appear to originate from mongosh or the underlying...

6.8CVSS7AI score0.00194EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/02/27 3:31 p.m.9 views

GHSA-R95J-4JVF-MRRW MongoDB Shell may be susceptible to control character Injection via shell output

The MongoDB Shell may be susceptible to control character injection where an attacker with control over the database cluster contents can inject control characters into the shell output. This may result in the display of falsified messages that appear to originate from mongosh or the underlying...

3.9CVSS7AI score0.00194EPSS
Exploits0References3
OSV
OSV
added 2025/02/27 3:31 p.m.6 views

GHSA-43G5-2WR2-Q7VJ MongoDB Shell may be susceptible to Control Character Injection via autocomplete

The MongoDB Shell may be susceptible to control character injection where an attacker with control of the mongosh autocomplete feature, can use the autocompletion feature to input and run obfuscated malicious text. This requires user interaction in the form of the user using ‘tab’ to autocomplete...

7.6CVSS7AI score0.00287EPSS
Exploits0References3
NVD
NVD
added 2025/02/27 1:15 p.m.18 views

CVE-2025-1692

The MongoDB Shell may be susceptible to control character injection where an attacker with control of the user’s clipboard could manipulate them to paste text into mongosh that evaluates arbitrary code. Control characters in the pasted text can be used to obfuscate malicious code. This issue...

8.8CVSS0.00224EPSS
Exploits0References1
NVD
NVD
added 2025/02/27 1:15 p.m.14 views

CVE-2025-1691

The MongoDB Shell may be susceptible to control character injection where an attacker with control of the mongosh autocomplete feature, can use the autocompletion feature to input and run obfuscated malicious text. This requires user interaction in the form of the user using ‘tab’ to autocomplete...

7.6CVSS0.00287EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/27 12:39 p.m.7 views

CVE-2025-1693 MongoDB Shell may be susceptible to control character Injection via shell output

The MongoDB Shell may be susceptible to control character injection where an attacker with control over the database cluster contents can inject control characters into the shell output. This may result in the display of falsified messages that appear to originate from mongosh or the underlying...

3.9CVSS4.3AI score0.00194EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/27 12:34 p.m.13 views

CVE-2025-1691 MongoDB Shell may be susceptible to Control Character Injection via autocomplete

The MongoDB Shell may be susceptible to control character injection where an attacker with control of the mongosh autocomplete feature, can use the autocompletion feature to input and run obfuscated malicious text. This requires user interaction in the form of the user using ‘tab’ to autocomplete...

7.6CVSS0.00287EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/22 3:52 p.m.22 views

CVE-2025-26776 WordPress Chaty Pro Plugin <= 3.3.3 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload a Web Shell to a Web Server. This issue affects Chaty Pro: from n/a through 3.3.3...

10CVSS0.00604EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/21 4:23 p.m.7 views

CVE-2025-20158

A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials with SSH access ...

4.4CVSS6.2AI score0.00146EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 2:23 a.m.15 views

CVE-2025-22504

Unrestricted Upload of File with Dangerous Type vulnerability in jumpdemand 4ECPS Web Forms 4ecps-webforms allows Upload a Web Shell to a Web Server.This issue affects 4ECPS Web Forms: from n/a through = 0.2.18...

10CVSS7.2AI score0.00468EPSS
Exploits0References1
Rows per page
Query Builder