Export limit exceeded: 351640 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 14256 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 20412 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20412 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-12050 | 1 Insyde | 1 Insydeh2o | 2026-04-15 | 7.8 High |
| The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow. | ||||
| CVE-2024-7695 | 2026-04-15 | 7.5 High | ||
| Multiple switches are affected by an out-of-bounds write vulnerability. This vulnerability is caused by insufficient input validation, which allows data to be written to memory outside the bounds of the buffer. Successful exploitation of this vulnerability could result in a denial-of-service attack. | ||||
| CVE-2024-32639 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2026-04-15 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0011). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-22974) | ||||
| CVE-2025-32107 | 2026-04-15 | N/A | ||
| OS command injection vulnerability exists in Deco BE65 Pro firmware versions prior to "Deco BE65 Pro(JP)_V1_1.1.2 Build 20250123". If this vulnerability is exploited, an arbitrary OS command may be executed by the user who can log in to the device. | ||||
| CVE-2025-43879 | 2026-04-15 | N/A | ||
| WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in the telnet function. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be executed. | ||||
| CVE-2024-32850 | 1 Seiko-sol | 2 Skybridge Basic Mb-a130 Firmware, Skybridge Mb-a110 Firmware | 2026-04-15 | 9.8 Critical |
| Improper neutralization of special elements used in a command ('Command Injection') exists in SkyBridge MB-A100/MB-A110 firmware Ver. 4.2.2 and earlier and SkyBridge BASIC MB-A130 firmware Ver. 1.5.5 and earlier. If the remote monitoring and control function is enabled on the product, an attacker with access to the product may execute an arbitrary command or login to the product with the administrator privilege. | ||||
| CVE-2012-10046 | 1 Esva Project | 1 Esva | 2026-04-15 | N/A |
| The E-Mail Security Virtual Appliance (ESVA) (tested on version ESVA_2057) contains an unauthenticated command injection vulnerability in the learn-msg.cgi script. The CGI handler fails to sanitize user-supplied input passed via the id parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no authentication and results in full command execution on the underlying system. | ||||
| CVE-2024-36324 | 1 Amd | 25 Amd Ryzen™ Ai 300 Series Processors, Radeon Pro V520, Radeon Pro V620 and 22 more | 2026-04-15 | 8.8 High |
| Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution. | ||||
| CVE-2025-10451 | 1 Insyde | 1 Insydeh2o | 2026-04-15 | 8.2 High |
| Unchecked output buffer may allowed arbitrary code execution in SMM and potentially result in SMM memory corruption. | ||||
| CVE-2023-4856 | 2026-04-15 | 8.8 High | ||
| A format string vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute arbitrary commands on a specific API endpoint. | ||||
| CVE-2025-10659 | 1 Megasys | 1 Telenium Online Web Application | 2026-04-15 | 9.8 Critical |
| The Telenium Online Web Application is vulnerable due to a PHP endpoint accessible to unauthenticated network users that improperly handles user-supplied input. This vulnerability occurs due to the insecure termination of a regular expression check within the endpoint. Because the input is not correctly validated or sanitized, an unauthenticated attacker can inject arbitrary operating system commands through a crafted HTTP request, leading to remote code execution on the server in the context of the web application service account. | ||||
| CVE-2025-14500 | 1 Icewarp | 1 Icewarp | 2026-04-15 | N/A |
| IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IceWarp. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the X-File-Operation header. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-27394. | ||||
| CVE-2024-52010 | 2026-04-15 | N/A | ||
| Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. A command injection vulnerability in the Web SSH feature allows an authenticated attacker to execute arbitrary commands as root on the host. Zoraxy has a Web SSH terminal feature that allows authenticated users to connect to SSH servers from their browsers. In HandleCreateProxySession the request to create an SSH session is handled. An attacker can exploit the username variable to escape from the bash command and inject arbitrary commands into sshCommand. This is possible, because, unlike hostname and port, the username is not validated or sanitized. | ||||
| CVE-2025-58062 | 1 Lstm-kirigaya | 1 Openmcp-client | 2026-04-15 | N/A |
| LSTM-Kirigaya's openmcp-client is a vscode plugin for mcp developer. Prior to version 0.1.12, when users on a Windows platform connect to an attacker controlled MCP server, attackers could provision a malicious authorization server endpoint to silently achieve an OS command injection attack in the open() invocation, leading to client system compromise. This issue has been patched in version 0.1.12. | ||||
| CVE-2025-54763 | 1 Centurysys | 5 Futurenet Ip-k Series, Futurenet Ma-e300 Series, Futurenet Ma-p Series and 2 more | 2026-04-15 | 7.2 High |
| FutureNet MA and IP-K series provided by Century Systems Co., Ltd. contain an OS command Injection vulnerability. A user who logs in to the Web UI of the product may execute an arbitrary OS command. | ||||
| CVE-2025-3002 | 2026-04-15 | 7.3 High | ||
| A vulnerability, which was classified as critical, has been found in Digital China DCME-520 up to 20250320. This issue affects some unknown processing of the file /usr/local/WWW/function/audit/newstatistics/mon_merge_stat_hist.php. The manipulation of the argument type_name leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | ||||
| CVE-2011-10017 | 1 Snort | 1 Snort | 2026-04-15 | N/A |
| Snort Report versions < 1.3.2 contains a remote command execution vulnerability in the nmap.php and nbtscan.php scripts. These scripts fail to properly sanitize user input passed via the target GET parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no authentication and can result in full compromise of the underlying system. | ||||
| CVE-2024-8504 | 1 Vicidial | 1 Vicidial | 2026-04-15 | 8.8 High |
| An attacker with authenticated access to VICIdial as an "agent" can execute arbitrary shell commands as the "root" user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective. | ||||
| CVE-2025-34073 | 2026-04-15 | N/A | ||
| An unauthenticated command injection vulnerability exists in stamparm/maltrail (Maltrail) versions <=0.54. A remote attacker can execute arbitrary operating system commands via the username parameter in a POST request to the /login endpoint. This occurs due to unsafe handling of user-supplied input passed to subprocess.check_output() in core/http.py, allowing injection of shell metacharacters. Exploitation does not require authentication and commands are executed with the privileges of the Maltrail process. | ||||
| CVE-2012-10041 | 1 Wan Emulator | 1 Wan Emulator | 2026-04-15 | N/A |
| WAN Emulator v2.3 contains two unauthenticated command execution vulnerabilities. The result.php script calls shell_exec() with unsanitized input from the pc POST parameter, allowing remote attackers to execute arbitrary commands as the www-data user. The system also includes a SUID-root binary named dosu, which is vulnerable to command injection via its first argument. An attacker can exploit both flaws in sequence to achieve full remote code execution and escalate privileges to root. | ||||