4985 matches found
VulnCheck KEV: CVE-2025-51482
Remote Code Execution in letta.server.restapi.routers.v1.tools.runtoolfromsource in letta-ai Letta 0.7.12 allows remote attackers to execute arbitrary Python code and system commands via crafted payloads to the /v1/tools/run endpoint, bypassing intended sandbox restrictions...
VulnCheck KEV: CVE-2020-8656
An issue was discovered in EyesOfNetwork 5.3. The EyesOfNetwork API 2.4.2 is prone to SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the username field to getApiKey in include/apifunctions.php...
VulnCheck KEV: CVE-2025-6440
The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company & Design Services WordPress theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'wcdpsavecanvasdesignajax' function in all versions up to, and including, 1.9.26. This mak...
VulnCheck KEV: CVE-2025-59287
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network...
VulnCheck KEV: CVE-2022-1703
Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Commands which potentially leads to remote command execution vulnerability or denial of service DoS attack...
VulnCheck KEV: CVE-2023-5970
Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user using accent characters, resulting in an MFA bypass...
VulnCheck KEV: CVE-2025-24477
A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an attacker to escalate its privileges via a specially crafted CLI command...
VulnCheck KEV: CVE-2022-2915
A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service DoS on the appliance or potentially lead to code execution. This vulnerability impacts 10.2.1.5-34sv and earlier versions...
VulnCheck KEV: CVE-2023-53691
Hikvision CSMP Comprehensive Security Management Platform iSecure Center through 2023-06-25 allows file upload via /center/api/files directory traversal, as exploited in the wild in 2024 and 2025...
VulnCheck KEV: CVE-2016-15048
AMTT Hotel Broadband Operation System HiBOS contains an unauthenticated command injection vulnerability in the /manager/radius/serverping.php endpoint. The application constructs a shell command that includes the user-supplied ip parameter and executes it without proper validation or escaping. An...
VulnCheck KEV: CVE-2024-58274
Hikvision CSMP Comprehensive Security Management Platform iSecure Center through 2024-08-01 allows execution of a command within $ in /center/api/installation/detection JSON data, as exploited in the wild in 2024 and 2025...
VulnCheck KEV: CVE-2025-6264
Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions like EXECVE to launch...
VulnCheck KEV: CVE-2025-9242
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability...
VulnCheck KEV: CVE-2025-54236
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high...
VulnCheck KEV: CVE-2022-48503
The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution...
VulnCheck KEV: CVE-2025-2746
An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server password handling of empty SHA1 usernames in digest authentication. Authentication bypass allows an attacker to control administrative objects.This issue affects Xperience through...
VulnCheck KEV: CVE-2025-2747
An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server component password handling for the server defined None type. Authentication bypass allows an attacker to control administrative objects.This issue affects Xperience through 13.0.1...
VulnCheck KEV: CVE-2018-25118
GeoVision embedded IP devices, confirmed on GV-BX1500 and GV-MFD1501, contain a remote command injection vulnerability via /PictureCatch.cgi that enables an attacker to execute arbitrary commands on the device. The vulnerable models have been declared end-of-life EOL by the vendor. VulnCheck has...
VulnCheck KEV: CVE-2025-61884
Vulnerability in the Oracle Configurator product of Oracle E-Business Suite component: Runtime UI. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful...
VulnCheck KEV: CVE-2025-61932
Lanscope Endpoint Manager On-Premises Client program MR and Detection agent DA improperly verifies the origin of incoming requests, allowing an attacker to execute arbitrary code by sending specially crafted packets...
VulnCheck KEV: CVE-2017-10986
An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcpattr2vp" and a denial of service...
VulnCheck KEV: CVE-2022-28054
Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...
VulnCheck KEV: CVE-2019-6443
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctlgetitem, there is a stack-based buffer over-read in readsysvars in ntpcontrol.c in ntpd...
VulnCheck KEV: CVE-2021-36754
PowerDNS Authoritative Server 4.5.0 before 4.5.1 allows anybody to crash the process by sending a specific query QTYPE 65535 that causes an out-of-bounds exception...
VulnCheck KEV: CVE-2023-41011
Command Execution vulnerability in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a remote attacker to execute arbitrary code via the shortcuttelnet.cg component...
VulnCheck KEV: CVE-2025-3987
A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been rated as critical. This issue affects some unknown processing of the file /boafrm/formWsc. The manipulation of the argument localPin leads to command injection. The attack may be initiated remotely. The exploit has been...
VulnCheck KEV: CVE-2015-2280
snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera with firmware FWAIC1620W1.1.0-1220120709r1192.pck allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the mac parameter...
VulnCheck KEV: CVE-2025-11372
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to modification of data in all versions up to, and including, 4.2.9.2. This is due to missing capability checks on the Admin Tools REST endpoints which are registered with permissioncallback set to returntrue. This makes it...
VulnCheck KEV: CVE-2022-0342
An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.32 through 5.20, VPN series firmware versions 4.30 through 5.20, and NSG series firmware...
VulnCheck KEV: CVE-2023-39143
PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. This leads to remote code execution when external device integration is enabled a very common configuration...
VulnCheck KEV: CVE-2024-20419
A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper implementation of the password-change process...
VulnCheck KEV: CVE-2024-36117
Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite v3.5.10 is affected by an Arbitrary File Read vulnerability via path traversal while serving expanded javadoc files. Reposilite has addressed this issue in version...
VulnCheck KEV: CVE-2023-50917
MajorDoMo aka Major Domestic Module before 0662e5e allows command execution via thumb.php shell metacharacters. NOTE: this is unrelated to the Majordomo mailing-list manager...
VulnCheck KEV: CVE-2024-5276
A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this...
VulnCheck KEV: CVE-2024-23917
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible...
VulnCheck KEV: CVE-2024-6235
Sensitive information disclosure in NetScaler Console...
VulnCheck KEV: CVE-2025-59474
Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not perform a permission check in the sidepanel of a page intentionally accessible to users lacking Overall/Read permission, allowing attackers without Overall/Read permission to list agent names through its sidepanel executors widget...
VulnCheck KEV: CVE-2023-34124
The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...
VulnCheck KEV: CVE-2025-54249
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a Server-Side Request Forgery SSRF vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate server-side requests and bypass security controls...
VulnCheck KEV: CVE-2025-27223
TRUfusion Enterprise through 7.10.4.0 exposes the encrypted COOKIEID as an authentication mechanism for some endpoints such as /trufusionPortal/getProjectList. However, the application uses a static key to create the encrypted cookie, ultimately allowing anyone to forge cookies and gain access to...
VulnCheck KEV: CVE-2025-8868
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...
VulnCheck KEV: CVE-2022-28956
An issue in the getcfg.php component of D-Link DIR816LFW206b01 allows attackers to access the device via a crafted payload...
VulnCheck KEV: CVE-2025-49596
The MCP inspector is a developer tool for testing and debugging MCP servers. Versions of MCP Inspector below 0.14.1 are vulnerable to remote code execution due to lack of authentication between the Inspector client and proxy, allowing unauthenticated requests to launch MCP commands over stdio...
VulnCheck KEV: CVE-2023-7304
Ruijie RG-UAC Application Management Gateway contains a command injection vulnerability via the 'nmcsync.php' interface. An unauthenticated attacker able to reach the affected endpoint can inject shell commands via crafted request data, causing the application to execute arbitrary commands on the...
VulnCheck KEV: CVE-2023-7305
SmartBI V8, V9, and V10 contain an unrestricted file upload vulnerability via the RMIServlet request handling logic. Under certain configurations or usage patterns, attackers can send specially crafted requests that cause the application to perform sensitive operations or execute arbitrary code o...
VulnCheck KEV: CVE-2025-24990
Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax modem hardware depende...
VulnCheck KEV: CVE-2025-59230
Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally...
VulnCheck KEV: CVE-2025-47827
In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image...
VulnCheck KEV: CVE-2022-23125
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the copyapplfile function. When parsing the len element, the process does not properly validate...
VulnCheck KEV: CVE-2024-13991
Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an unauthenticated attacker can supply arbitrary file paths to the fullPath parameter of the /fileDownload?action=downloadBackupFile endpoint and retrieve files from the server filesystem. VulnCheck has observed...