Lucene search
K

1415 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2026/03/18 12:0 a.m.4 views

ruby4.0-rubygem-web-console-4.2.1-1.9 on GA media (moderate)

ruby4.0-rubygem-web-console-4.2.1-1.9 on GA media Announcement ID: openSUSE-SU-2026:10367-1 Rating: moderate Cross-References: CVE-2015-3224 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

4.3CVSS5.8AI score0.44984EPSS
Exploits6
NVD
NVD
added 2026/03/13 7:53 p.m.11 views

CVE-2025-12453

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0...

6.1CVSS0.00181EPSS
Exploits0References1
OSV
OSV
added 2026/03/13 12:0 a.m.9 views

OPENSUSE-SU-2026:10367-1 ruby4.0-rubygem-web-console-4.2.1-1.9 on GA media

These are all security issues fixed in the ruby4.0-rubygem-web-console-4.2.1-1.9 package on the GA media of openSUSE Tumbleweed...

4.3CVSS5.8AI score0.44984EPSS
Exploits6References1
RedhatCVE
RedhatCVE
added 2026/03/06 2:37 p.m.6 views

CVE-2026-3598

Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux Config string generation, web console export modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program routin...

8.7CVSS5.8AI score0.00226EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/05 2:14 p.m.10 views

CVE-2026-3598

Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux Config string generation, web console export modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program routin...

8.7CVSS5.9AI score0.00226EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/11 2:16 p.m.4 views

CVE-2026-2249

METIS DFS devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in the compromise of the...

9.8CVSS6.1AI score0.00514EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/11 2:16 p.m.5 views

CVE-2026-2249 Unauthenticated Remote Command Execution via Web Console in METIS DFS

METIS DFS devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in the compromise of the...

9.8CVSS6.1AI score0.00514EPSS
Exploits1References2
CVE
CVE
added 2026/02/11 2:16 p.m.29 views

CVE-2026-2249

METIS DFS devices expose an unauthenticated web-based shell at /console, allowing remote command execution with daemon privileges on affected versions (

9.8CVSS6.1AI score0.00514EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/11 2:16 p.m.28 views

CVE-2026-2249 Unauthenticated Remote Command Execution via Web Console in METIS DFS

METIS DFS devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in the compromise of the...

9.8CVSS0.00514EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/11 2:15 p.m.25 views

CVE-2026-2248 Unauthenticated Remote Root Shell Access via Web Console in METIS WIC

METIS WIC devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root UID 0 privileges. This results in full system compromis...

9.8CVSS0.00514EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/11 2:15 p.m.4 views

CVE-2026-2248 Unauthenticated Remote Root Shell Access via Web Console in METIS WIC

METIS WIC devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root UID 0 privileges. This results in full system compromis...

9.8CVSS6.1AI score0.00514EPSS
Exploits0References1
CVE
CVE
added 2026/02/11 2:15 p.m.13 views

CVE-2026-2248

CVE-2026-2248 affects METIS WIC devices (versions

9.8CVSS6.1AI score0.00514EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.10 views

PT-2026-7598

METIS DFS devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in the compromise of the...

9.8CVSS6.1AI score0.00514EPSS
Exploits1References2
Malwarebytes
Malwarebytes
added 2026/02/03 4:55 p.m.7 views

An AI plush toy exposed thousands of private chats with children

Bondu’s AI plush toy exposed a web console that let anyone with a Gmail account read about 50,000 private chats between children and their cuddly toys. Bondu's toy is marketed as: “A soft, cuddly toy powered by AI that can chat, teach, and play with your child.” What it doesn’t say is that anyone...

5.3AI score
Exploits0
NVD
NVD
added 2026/01/30 11:16 p.m.10 views

CVE-2020-37032

Wing FTP Server 6.3.8 contains a remote code execution vulnerability in its Lua-based web console that allows authenticated users to execute system commands. Attackers can leverage the console to send POST requests with malicious commands that trigger operating system execution through the...

8.8CVSS0.0104EPSS
Exploits1References3
OSV
OSV
added 2026/01/30 11:16 p.m.4 views

CVE-2020-37032

Wing FTP Server 6.3.8 contains a remote code execution vulnerability in its Lua-based web console that allows authenticated users to execute system commands. Attackers can leverage the console to send POST requests with malicious commands that trigger operating system execution through the...

8.8CVSS6.4AI score0.0104EPSS
Exploits1References3
CVE
CVE
added 2026/01/30 10:7 p.m.18 views

CVE-2020-37032

Wing FTP Server 6.3.8 is affected by a remote code execution flaw in the Lua-based web console. The issue allows authenticated users to send crafted POST requests that trigger operating system commands via os.execute(), enabling arbitrary code execution on the server. Affected component: Lua-base...

8.8CVSS6.6AI score0.0104EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/30 10:7 p.m.4 views

CVE-2020-37032

Wing FTP Server 6.3.8 contains a remote code execution vulnerability in its Lua-based web console that allows authenticated users to execute system commands. Attackers can leverage the console to send POST requests with malicious commands that trigger operating system execution through the...

8.8CVSS6.6AI score0.0104EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/01/30 10:7 p.m.25 views

CVE-2020-37032 Wing FTP Server 6.3.8 - Remote Code Execution

Wing FTP Server 6.3.8 contains a remote code execution vulnerability in its Lua-based web console that allows authenticated users to execute system commands. Attackers can leverage the console to send POST requests with malicious commands that trigger operating system execution through the...

8.8CVSS0.0104EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/01/30 10:7 p.m.7 views

CVE-2020-37032 Wing FTP Server 6.3.8 - Remote Code Execution

Wing FTP Server 6.3.8 contains a remote code execution vulnerability in its Lua-based web console that allows authenticated users to execute system commands. Attackers can leverage the console to send POST requests with malicious commands that trigger operating system execution through the...

8.8CVSS6.5AI score0.0104EPSS
Exploits1References3
Rows per page
Query Builder