Lucene search
+L

2454 matches found

NVD
NVD
added 2026/06/04 11:16 p.m.11 views

CVE-2026-10872

A vulnerability was found in Shibby Tomato 1.28.0000. This issue affects the function startvpnserver of the file /sbin/rc of the component Web UI. Performing a manipulation results in os command injection. The attack can be initiated remotely. The exploit has been made public and could be used...

8.6CVSS0.02635EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.40 views

CVE-2026-11225

Inappropriate implementation in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Low...

0.00158EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 10:30 p.m.18 views

CVE-2026-10873

The CVE-2026-10873 entry pertains to Shibby Tomato 1.28.0000, where the rstats_path function in /bin/rstats of the Web UI is vulnerable. The underlying issue enables an os command injection, with remote attack potential. Public exploit details exist per the connected CVE listing, and the project ...

8.6CVSS6.8AI score0.02695EPSS
Exploits0References7
NVD
NVD
added 2026/06/04 10:16 p.m.13 views

CVE-2026-10871

A vulnerability has been found in Shibby Tomato 1.28.0000. This vulnerability affects the function start6rdtunnel of the file /sbin/rc of the component Web UI. Such manipulation of the argument ipv66rdborderrelay leads to os command injection. It is possible to launch the attack remotely. The...

8.6CVSS0.02199EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/04 10:15 p.m.38 views

CVE-2026-10872 Shibby Tomato Web UI rc start_vpnserver os command injection

A vulnerability was found in Shibby Tomato 1.28.0000. This issue affects the function startvpnserver of the file /sbin/rc of the component Web UI. Performing a manipulation results in os command injection. The attack can be initiated remotely. The exploit has been made public and could be used...

8.6CVSS0.02635EPSS
Exploits0References6
CVE
CVE
added 2026/06/04 10:15 p.m.18 views

CVE-2026-10872

CVE-2026-10872 affects Shibby Tomato 1.28.0000 Web UI: the start_vpnserver function in /sbin/rc is vulnerable to remote OS command injection. Exploit published; impact is high (C/I/A). Privileges required: HIGH; no user interaction. Superseded by FreshTomato.

8.6CVSS6.8AI score0.02635EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/04 10:15 p.m.9 views

CVE-2026-10872 Shibby Tomato Web UI rc start_vpnserver os command injection

A vulnerability was found in Shibby Tomato 1.28.0000. This issue affects the function startvpnserver of the file /sbin/rc of the component Web UI. Performing a manipulation results in os command injection. The attack can be initiated remotely. The exploit has been made public and could be used...

8.6CVSS6.8AI score0.02635EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/04 10:0 p.m.40 views

CVE-2026-10871 Shibby Tomato Web UI rc start_6rd_tunnel os command injection

A vulnerability has been found in Shibby Tomato 1.28.0000. This vulnerability affects the function start6rdtunnel of the file /sbin/rc of the component Web UI. Such manipulation of the argument ipv66rdborderrelay leads to os command injection. It is possible to launch the attack remotely. The...

8.6CVSS0.02199EPSS
Exploits0References6
NVD
NVD
added 2026/06/04 9:16 p.m.18 views

CVE-2026-10870

A flaw has been found in Shibby Tomato 1.28.0000. This affects the function startdhcpc of the file /sbin/rc of the component Web UI. This manipulation causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This project is...

8.6CVSS0.02199EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/04 8:30 p.m.16 views

EUVD-2026-34323

A flaw has been found in Shibby Tomato 1.28.0000. This affects the function startdhcpc of the file /sbin/rc of the component Web UI. This manipulation causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This project is...

8.6CVSS6.8AI score0.02199EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.21 views

PT-2026-46393

A vulnerability has been found in Shibby Tomato 1.28.0000. This vulnerability affects the function start 6rd tunnel of the file /sbin/rc of the component Web UI. Such manipulation of the argument ipv6 6rd borderrelay leads to os command injection. It is possible to launch the attack remotely. The...

8.6CVSS6.7AI score0.02199EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.22 views

PT-2026-46399

A vulnerability was determined in Shibby Tomato 1.28.0000. Impacted is the function rstats path of the file /bin/rstats of the component Web UI. Executing a manipulation can lead to os command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be...

8.6CVSS6.8AI score0.02695EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Shibby Tomato 操作系统命令注入漏洞

Shibby Tomato is a third-party router firmware developed by Shibby’s individual developers. Version 1.28.0000 of Shibby Tomato contains a vulnerability related to operating system command injection. This vulnerability stems from the startdhcpc function in the /sbin/rc file within the Web UI...

8.6CVSS7.1AI score0.02199EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.13 views

Shibby Tomato 操作系统命令注入漏洞

Shibby Tomato is a third-party router firmware developed by Shibby’s individual developers. Version 1.28.0000 of Shibby Tomato contains a vulnerability related to operating system command injection. This vulnerability stems from the rstatspath function in the web UI component’s /bin/rstats file,...

8.6CVSS7.2AI score0.02695EPSS
Exploits0References7
NVD
NVD
added 2026/06/03 6:16 p.m.17 views

CVE-2026-20233

A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. Cisco has addressed this vulnerability in the Webex Meetings service, and no customer action is needed. This vulnerability...

6.1CVSS0.00184EPSS
Exploits0References1
Cisco
Cisco
added 2026/06/03 4:0 p.m.18 views

Cisco Webex Meetings Cross-Site Scripting Vulnerability

A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. Cisco has addressed this vulnerability in the Webex Meetings service, and no customer action is needed. This vulnerability...

6.1CVSS6AI score0.00184EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/03 3:11 p.m.13 views

CVE-2026-38978

A flaw was found in Transmission. A clickjacking weakness exists in the browser-facing WebUI and RPC Remote Procedure Call response paths. This vulnerability could allow a remote attacker to trick a user into performing unintended actions by overlaying malicious content over legitimate interface...

5.3CVSS5.8AI score0.00305EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/03 2:24 a.m.11 views

SUSE CVE-2026-38978

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...

5.8AI score0.00305EPSS
Exploits0References3
NVD
NVD
added 2026/06/02 4:16 p.m.19 views

CVE-2026-38978

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...

5.3CVSS0.00305EPSS
Exploits0References3
OSV
OSV
added 2026/06/02 4:16 p.m.10 views

DEBIAN-CVE-2026-38978

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...

5.3CVSS5.8AI score0.00305EPSS
Exploits0References1
Rows per page
Query Builder