514 matches found
Adminer 4.6.2 - 5.4.1 Unauthenticated Persistent DoS
Adminer = 5.4.1 contains a denial of service caused by lack of origin validation in version check endpoint, letting attackers trigger server errors via crafted POST requests, exploit requires no special privileges. id: CVE-2026-25892 info: name: Adminer 4.6.2 - 5.4.1 Unauthenticated Persistent Do...
Exploit for CVE-2026-22557
CVE-2026-22557 Vulnerability Assessment Tool Safely detect wh...
CVE-2026-9396
A security flaw has been discovered in Besen BS20 EV Charging Station up to 20260426. Affected by this vulnerability is an unknown functionality of the component Firmware Version Check. The manipulation results in improper restriction of rendered ui layers. The attack can be executed remotely. A...
CVE-2026-9396
A security flaw has been discovered in Besen BS20 EV Charging Station up to 20260426. Affected by this vulnerability is an unknown functionality of the component Firmware Version Check. The manipulation results in improper restriction of rendered ui layers. The attack can be executed remotely. A...
CVE-2026-9396
The CVE-2026-9396 entry concerns Besen BS20 EV Charging Station firmware (up to 20260426). Affected component: Firmware Version Check. The vulnerability is caused by an issue in the UI layer rendering, where manipulation can cause improper restriction of rendered UI layers. The attack is describe...
CVE-2026-9396 Besen BS20 EV Charging Station Firmware Version Check ui layer
A security flaw has been discovered in Besen BS20 EV Charging Station up to 20260426. Affected by this vulnerability is an unknown functionality of the component Firmware Version Check. The manipulation results in improper restriction of rendered ui layers. The attack can be executed remotely. A...
CVE-2026-9396 Besen BS20 EV Charging Station Firmware Version Check ui layer
A security flaw has been discovered in Besen BS20 EV Charging Station up to 20260426. Affected by this vulnerability is an unknown functionality of the component Firmware Version Check. The manipulation results in improper restriction of rendered ui layers. The attack can be executed remotely. A...
EUVD-2026-31552
A security flaw has been discovered in Besen BS20 EV Charging Station up to 20260426. Affected by this vulnerability is an unknown functionality of the component Firmware Version Check. The manipulation results in improper restriction of rendered ui layers. The attack can be executed remotely. A...
PT-2026-42966
A security flaw has been discovered in Besen BS20 EV Charging Station up to 20260426. Affected by this vulnerability is an unknown functionality of the component Firmware Version Check. The manipulation results in improper restriction of rendered ui layers. The attack can be executed remotely. A...
Besen BS20 EV Charging Station 安全漏洞
The Besen BS20 EV Charging Station is an AC electric vehicle wall-mounted charging station developed by the Chinese company Besen. The Besen BS20 EV Charging Station, including versions dated 20260426 and earlier, contains a security vulnerability. This vulnerability stems from improper operation...
CVE-2026-47092
Claude HUD through 0.0.12, patched in commit 234d9aa, contains a command injection vulnerability that allows local attackers to execute arbitrary commands by manipulating the COMSPEC environment variable. Attackers can set COMSPEC to an arbitrary binary path before claude-hud performs its version...
CVE-2026-47092
CVE-2026-47092 : Claude HUD 0.0.12 contains a local command-injection via the COMSPEC environment variable. An attacker can set COMSPEC to an arbitrary binary path before Claude HUD performs its version check, causing execFile() to run the attacker-supplied executable with cmd.exe arguments, lead...
CVE-2026-47092 Claude HUD 0.0.12 Arbitrary Command Execution via COMSPEC Environment Variable
Claude HUD through 0.0.12, patched in commit 234d9aa, contains a command injection vulnerability that allows local attackers to execute arbitrary commands by manipulating the COMSPEC environment variable. Attackers can set COMSPEC to an arbitrary binary path before claude-hud performs its version...
EUVD-2026-30802
Claude HUD through 0.0.12, patched in commit 234d9aa, contains a command injection vulnerability that allows local attackers to execute arbitrary commands by manipulating the COMSPEC environment variable. Attackers can set COMSPEC to an arbitrary binary path before claude-hud performs its version...
GHSA-QQQ4-5773-PMW5 uniget is Vulnerable to Command Injection in tool.Check Leading to Arbitrary Code Execution
I discovered a command injection vulnerability in uniget that allows arbitrary command execution through the metadata loading and version check mechanism. Summary A command injection vulnerability exists in uniget due to unsafe execution of the check field from metadata files using /bin/bash -c...
Exploit for Double Free in Apache Http_Server
This is a proactive tool for security auditing. For your GitHub...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection in the self-version check logic. An attacker can achieve arbitrary code execution by overwriting pip’s modules during a pip install operation, which are later imported at the end of command execution for the...
📄 Grav CMS 1.7.49.5 Shell Upload
This script targets a Grav CMS administrative panel by first authenticating, then checking version information to estimate vulnerability exposure. If conditions are met, it generates a malicious PHP plugin containing a base64-encoded payload and uploads it as a ZIP package through the “direct...
Exploit for Race Condition in Canonical Ubuntu_Linux
Privilege Escalation using the Dirty Cow Kernel Exploit By...
EUVD-2026-11164
Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access...