Export limit exceeded: 20779 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20779 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-1676 | 1 Hzmanyun | 1 Education And Training System | 2026-01-29 | 6.3 Medium |
| A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. Affected by this vulnerability is the function pdf2swf of the file /pdf2swf. The manipulation of the argument file leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-47346 | 1 Qualcomm | 227 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 224 more | 2026-01-27 | 7.8 High |
| Memory corruption while processing a secure logging command in the trusted application. | ||||
| CVE-2025-27821 | 1 Apache | 1 Hadoop | 2026-01-27 | 7.3 High |
| Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue. | ||||
| CVE-2025-56101 | 1 Ruijie | 5 M18-ew, M18-ew Firmware, M18 Ew and 2 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie M18 EW_3.0(1)B11P226_M18_10223116 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua. | ||||
| CVE-2025-56089 | 1 Ruijie | 5 M18-ew, M18-ew Firmware, M18 Ew and 2 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie M18 EW_3.0(1)B11P226_M18_10223116 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua. | ||||
| CVE-2025-56098 | 1 Ruijie | 5 Rg-ew300 Pro, Rg-ew300 Pro Firmware, X30-pro and 2 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua. | ||||
| CVE-2025-56093 | 1 Ruijie | 7 Rg-eap602, Rg-eap602 Firmware, Rg-ew300 Pro and 4 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the setWisp in file /usr/lib/lua/luci/modules/wireless.lua. | ||||
| CVE-2025-56094 | 1 Ruijie | 5 Rg-ew300 Pro, Rg-ew300 Pro Firmware, X30-pro and 2 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/host_access_delay.lua. | ||||
| CVE-2025-56095 | 1 Ruijie | 4 Rg-eap602, Rg-eap602 Firmware, Rg-ew1200g Pro and 1 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua. | ||||
| CVE-2025-56090 | 1 Ruijie | 4 Rg-ew1200g Pro, Rg-ew1200g Pro Firmware, Rg-ew1200r and 1 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua. | ||||
| CVE-2025-56123 | 1 Ruijie | 4 Rg-ew1200g Pro, Rg-ew1200g Pro Firmware, Rg-ew1300g and 1 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua. | ||||
| CVE-2025-56091 | 1 Ruijie | 4 Rg-ew1800gx, Rg-ew1800gx Firmware, Rg-ew300r and 1 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua. | ||||
| CVE-2025-56097 | 1 Ruijie | 4 Rg-ew1800gx Pro, Rg-ew1800gx Pro Firmware, Rg-ew300n and 1 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_EW1800GX-PRO_10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua. | ||||
| CVE-2025-56102 | 1 Ruijie | 4 Rg-ew1800gx, Rg-ew1800gx Firmware, Rg-ew300r and 1 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua. | ||||
| CVE-2025-56108 | 1 Ruijie | 11 Rg-eap602, Rg-eap602 Firmware, Rg-est310 and 8 more | 2026-01-26 | 8.8 High |
| OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua. | ||||
| CVE-2025-56088 | 1 Ruijie | 2 Rg-bcr860, Rg-bcr860 Firmware | 2026-01-26 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_service in file /usr/lib/lua/luci/controller/admin/service.lua. | ||||
| CVE-2025-56109 | 1 Ruijie | 2 Rg-bcr860, Rg-bcr860 Firmware | 2026-01-26 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_wireless in file /usr/lib/lua/luci/control/admin/wireless.lua. | ||||
| CVE-2024-31976 | 2 Engenius, Engeniustech | 3 Ews356 Fit Firmware, Ews356-fir, Ews356-fir Firmware | 2026-01-26 | 8 High |
| EnGenius EWS356-FIR 1.1.30 and earlier devices allow a remote attacker to execute arbitrary OS commands via the Controller connectivity parameter. | ||||
| CVE-2025-56106 | 1 Ruijie | 4 Rg-est350, Rg-est350 Firmware, Rg-ew1800gx and 1 more | 2026-01-26 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua. | ||||
| CVE-2018-25143 | 1 Microhardcorp | 22 Bullet-3g, Bullet-3g Firmware, Bullet-lte and 19 more | 2026-01-26 | 8.8 High |
| Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to enable a restricted SSH shell with a default 'msshc' user. Attackers can exploit a custom 'ping' command in the NcFTP environment to escape the restricted shell and execute commands with root privileges. | ||||