Export limit exceeded: 14753 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 21065 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21065 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-125124 | 3 Artica, Pandora Fms, Pandorafms | 4 Pandora Fms, Pandora Fms, Artica Pandora Fms and 1 more | 2026-04-15 | N/A |
| An unauthenticated remote command execution vulnerability exists in Pandora FMS versions up to and including 5.0RC1 via the Anyterm web interface, which listens on TCP port 8023. The anyterm-module endpoint accepts unsanitized user input via the p parameter and directly injects it into a shell command, allowing arbitrary command execution as the pandora user. In certain versions (notably 4.1 and 5.0RC1), the pandora user can elevate privileges to root without a password using a chain involving the artica user account. This account is typically installed without a password and is configured to run sudo without authentication. Therefore, full system compromise is possible without any credentials. | ||||
| CVE-2024-5241 | 2026-04-15 | 4.7 Medium | ||
| A vulnerability was found in Huashi Private Cloud CDN Live Streaming Acceleration Server up to 20240520. It has been classified as critical. Affected is an unknown function of the file /manager/ipconfig_new.php. The manipulation of the argument dev leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-265992. | ||||
| CVE-2012-10033 | 1 Angstrom Distribution | 1 Narcissus | 2026-04-15 | N/A |
| Narcissus is vulnerable to remote code execution via improper input handling in its image configuration workflow. Specifically, the backend.php script fails to sanitize the release parameter before passing it to the configure_image() function. This function invokes PHP’s passthru() with the unsanitized input, allowing attackers to inject arbitrary system commands. Exploitation occurs via a crafted POST request, resulting in command execution under the web server’s context. | ||||
| CVE-2025-54994 | 2026-04-15 | N/A | ||
| @akoskm/create-mcp-server-stdio is an MCP server starter kit that uses the StdioServerTransport. Prior to version 0.0.13, the MCP Server is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. The MCP Server exposes the tool `which-app-on-port` which relies on Node.js child process API `exec` which is an unsafe and vulnerable API if concatenated with untrusted user input. Version 0.0.13 contains a fix for the issue. | ||||
| CVE-2024-52587 | 1 Step Security | 1 Harden Runner | 2026-04-15 | 8.8 High |
| StepSecurity's Harden-Runner provides network egress filtering and runtime security for GitHub-hosted and self-hosted runners. Versions of step-security/harden-runner prior to v2.10.2 contain multiple command injection weaknesses via environment variables that could potentially be exploited under specific conditions. However, due to the current execution order of pre-steps in GitHub Actions and the placement of harden-runner as the first step in a job, the likelihood of exploitation is low as the Harden-Runner action reads the environment variable during the pre-step stage. There are no known exploits at this time. Version 2.10.2 contains a patch. | ||||
| CVE-2024-37168 | 2026-04-15 | 5.3 Medium | ||
| @grpc/grps-js implements the core functionality of gRPC purely in JavaScript, without a C++ addon. Prior to versions 1.10.9, 1.9.15, and 1.8.22, there are two separate code paths in which memory can be allocated per message in excess of the `grpc.max_receive_message_length` channel option: If an incoming message has a size on the wire greater than the configured limit, the entire message is buffered before it is discarded; and/or if an incoming message has a size within the limit on the wire but decompresses to a size greater than the limit, the entire message is decompressed into memory, and on the server is not discarded. This has been patched in versions 1.10.9, 1.9.15, and 1.8.22. | ||||
| CVE-2025-30211 | 1 Erlang | 1 Otp | 2026-04-15 | 7.5 High |
| Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names (64 characters) provided in KEX init message. Big KEX init packet may lead to inefficient processing of the error data. As a result, large amount of memory will be allocated for processing malicious data. Versions OTP-27.3.1, OTP-26.2.5.10, and OTP-25.3.2.19 fix the issue. Some workarounds are available. One may set option `parallel_login` to `false` and/or reduce the `max_sessions` option. | ||||
| CVE-2025-6103 | 2026-04-15 | 8.8 High | ||
| A vulnerability, which was classified as critical, has been found in Wifi-soft UniBox Controller up to 20250506. Affected by this issue is some unknown functionality of the file /billing/test_accesscodelogin.php. The manipulation of the argument Password leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-0680 | 2026-04-15 | 9.8 Critical | ||
| Affected products contain a vulnerability in the device cloud rpc command handling process that could allow remote attackers to take control over arbitrary devices connected to the cloud. | ||||
| CVE-2025-54430 | 1 Dedupeio | 1 Dedupe | 2026-04-15 | 9.1 Critical |
| dedupe is a python library that uses machine learning to perform fuzzy matching, deduplication and entity resolution quickly on structured data. Before commit 3f61e79, a critical severity vulnerability has been identified within the .github/workflows/benchmark-bot.yml workflow, where a issue_comment can be triggered using the @benchmark body. This workflow is susceptible to exploitation as it checkout the ${{ github.event.issue.number }}, which correspond to the branch of the PR manipulated by potentially malicious actors, and where untrusted code may be executed. Running untrusted code may lead to the exfiltration of GITHUB_TOKEN, which in this workflow has write permissions on most of the scopes - in particular the contents one - and could lead to potential repository takeover. This is fixed by commit 3f61e79. | ||||
| CVE-2025-52994 | 1 Phpthumb Project | 1 Phpthumb | 2026-04-15 | 4.9 Medium |
| gif_outputAsJpeg in phpThumb through 1.7.23 allows phpthumb.gif.php OS Command Injection via a crafted parameter value. This is fixed in 1.7.23-202506081709. | ||||
| CVE-2012-10029 | 1 Nagios | 4 Nagios, Nagios Xi, Xi and 1 more | 2026-04-15 | N/A |
| Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in `visApi.php`. An authenticated user can inject system commands via unsanitized parameters such as `host`, resulting in remote code execution. | ||||
| CVE-2024-0074 | 1 Nvidia | 1 Gpu Display Driver | 2026-04-15 | 7.1 High |
| NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. A successful exploit of this vulnerability may lead to denial of service and data tampering. | ||||
| CVE-2024-3299 | 2026-04-15 | 7.8 High | ||
| Out-Of-Bounds Write, Use of Uninitialized Resource and Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted SLDDRW or SLDPRT file. NOTE: this vulnerability was SPLIT from CVE-2024-1847. | ||||
| CVE-2025-0676 | 2026-04-15 | N/A | ||
| This vulnerability involves command injection in tcpdump within Moxa products, enabling an authenticated attacker with console access to exploit improper input validation to inject and execute systems commands. Successful exploitation could result in privilege escalation, allowing the attacker to gain root shell access and maintain persistent control over the device, potentially disrupting network services and affecting the availability of downstream systems that rely on its connectivity. | ||||
| CVE-2025-9996 | 1 Schneider-electric | 1 Blmon | 2026-04-15 | N/A |
| CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause the execution of any shell command when executing a netstat command using BLMon Console in an SSH session. | ||||
| CVE-2025-9974 | 1 Nokia | 1 Nokia Ont | 2026-04-15 | 8 High |
| The unified WEBUI application of the ONT/Beacon device contains an input handling flaw that allows authenticated users to trigger unintended system-level command execution. Due to insufficient validation of user-supplied data, a low-privileged authenticated attacker may be able to execute arbitrary commands on the underlying ONT/Beacon operating system, potentially impacting the confidentiality, integrity, and availability of the device. | ||||
| CVE-2024-36103 | 2026-04-15 | 6.8 Medium | ||
| OS command injection vulnerability in WRC-X5400GS-B v1.0.10 and earlier, and WRC-X5400GSA-B v1.0.10 and earlier allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product. | ||||
| CVE-2024-27980 | 2026-04-15 | N/A | ||
| Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled. | ||||
| CVE-2024-9977 | 1 Mitrastar | 1 Gpt-2541gnac | 2026-04-15 | 4.7 Medium |
| A vulnerability, which was classified as critical, was found in MitraStar GPT-2541GNAC BR_g5.6_1.11(WVK.0)b26. Affected is an unknown function of the file /cgi-bin/settings-firewall.cgi of the component Firewall Settings Page. The manipulation of the argument SrcInterface leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. We tried to contact the vendor early about the disclosure but the official mail address was not working properly. | ||||