Lucene search
K

356 matches found

Vulnrichment
Vulnrichment
added 2025/10/06 4:53 p.m.6 views

CVE-2025-36354 IBM Security Verify Access command execution

IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow an unauthenticated user to execute arbitrary commands with lower user privileges on the system due to improper validation of user supplied input...

7.3CVSS7.1AI score0.00295EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/06 4:53 p.m.12 views

CVE-2025-36354 IBM Security Verify Access command execution

IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow an unauthenticated user to execute arbitrary commands with lower user privileges on the system due to improper validation of user supplied input...

7.3CVSS0.00295EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25810

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00371EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-49223

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01261EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-29647

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.02743EPSS
Exploits2References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-32350

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.0123EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2021-7598

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.03709EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-19644

Malicious code in bioql PyPI...

10CVSS6.6AI score0.02709EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-7600

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.03709EPSS
Exploits1References1
CVE
CVE
added 2025/09/25 8:17 p.m.23 views

CVE-2025-11005

The CVE-2025-11005 issue affects TOTOLINK X6000R, where OS Command Injection arises from improper neutralization of special elements in user input. Affected versions: X6000R up to and including V9.4.0cu.1458_B20250708. Root cause: failure to properly filter special elements allows an attacker to ...

9.8CVSS6.7AI score0.01331EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/09/25 8:17 p.m.19 views

CVE-2025-11005 TOTOLINK X6000R Unauthenticated Command Injection Vulnerability

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1458B20250708...

9.3CVSS0.01331EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/25 8:17 p.m.5 views

CVE-2025-11005 TOTOLINK X6000R Unauthenticated Command Injection Vulnerability

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1458B20250708...

9.3CVSS6.7AI score0.01331EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/17 12:49 a.m.16 views

CVE-2025-57174

An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4.0 through 10.7.3 and possibly other previous versions. The rfpiped service listening on TCP port 555 which uses static AES encryption keys hardcoded in the binary. These keys are identical across all...

9.8CVSS7.6AI score0.03815EPSS
Exploits4References1
ATTACKERKB
ATTACKERKB
added 2025/09/16 7:40 p.m.2 views

CVE-2025-34184

Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains an unauthenticated OS command injection vulnerability in the /ajax/php/login.php script. Remote attackers can execute arbitrary system commands by injecting payloads into the 'passwd' HTTP POST parameter, leading to full system compromise or...

9.8CVSS6.1AI score0.02743EPSS
Exploits2References4
CVE
CVE
added 2025/09/16 7:40 p.m.35 views

CVE-2025-34184

CVE-2025-34184 affects Ilevia EVE X1 Server (≤4.7.18.0.eden). The vulnerability is an unauthenticated OS command injection in /ajax/php/login.php, allowing remote attackers to inject commands via the passwd POST parameter and potentially achieve full system compromise or DoS. Some sources also do...

9.8CVSS7.9AI score0.02743EPSS
Exploits2References4Affected Software1
Cvelist
Cvelist
added 2025/09/12 1:48 p.m.12 views

CVE-2025-10364 Unauthenticated Arbitrary Command Injection in Evertz SDVN

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...

9.3CVSS0.06325EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-43920

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands...

8.1CVSS6AI score0.00523EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2022-36640

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing unauthenticated attackers to execute arbitrary commands. NOTE: the...

9.8CVSS8.8AI score0.02005EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/28 12:0 a.m.5 views

D-Link DIR-868L 安全漏洞

The D-Link DIR-868L is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-868L B1 FW2.05WWB02 version, which originates from an unauthenticated OS command injection in the fileaccess.cgi component, which could lead to the execution of arbitrary comman...

9.8CVSS7.9AI score0.0583EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/08/22 4:35 p.m.7 views

CVE-2010-20059

FreeNAS 0.7.2 prior to revision 5543 includes an unauthenticated command‐execution backdoor in its web interface. The execraw.php script exposes a cmd parameter that is passed directly to the underlying shell without sanitation...

9.3CVSS7.2AI score0.00953EPSS
Exploits0References1
Rows per page
Query Builder