Total
4695 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-49141 | 1 Psu | 2 Haxcms-nodejs, Haxcms-php | 2025-07-30 | N/A | 8.5 HIGH |
| HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.3, the `gitImportSite` functionality obtains a URL string from a POST request and insufficiently validates user input. The `set_remote` function later passes this input into `proc_open`, yielding OS command injection. An authenticated attacker can craft a URL string that bypasses the validation checks employed by the `filter_var` and `strpos` functions in order to execute arbitrary OS commands on the backend server. The attacker can exfiltrate command output via an HTTP request. Version 11.0.3 contains a patch for the issue. | |||||
| CVE-2024-8755 | 1 Progress | 1 Loadmaster | 2025-07-30 | N/A | 8.4 HIGH |
| Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.This issue affects: Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 (inclusive) From 7.2.49.0 to 7.2.54.12 (inclusive) 7.2.48.12 and all prior versions Multi-Tenant Hypervisor 7.1.35.12 and all prior versions ECS All prior versions to 7.2.60.1 (inclusive) | |||||
| CVE-2024-53286 | 1 Synology | 1 Router Manager | 2025-07-29 | N/A | 7.2 HIGH |
| Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in DDNS Record functionality in Synology Router Manager (SRM) before 1.3.1-9346-11 allows remote authenticated users with administrator privileges to execute arbitrary code via unspecified vectors. | |||||
| CVE-2024-11681 | 2 Apple, Macports | 2 Macos, Macports | 2025-07-29 | N/A | 6.8 MEDIUM |
| A malicious or compromised MacPorts mirror can execute arbitrary commands as root on the machine of a client running port selfupdate against the mirror. | |||||
| CVE-2014-125118 | 2025-07-29 | N/A | N/A | ||
| A command injection vulnerability exists in the eScan Web Management Console version 5.5-2. The application fails to properly sanitize the 'pass' parameter when processing login requests to login.php, allowing an authenticated attacker with a valid username to inject arbitrary commands via a specially crafted password value. Successful exploitation results in remote code execution. Privilege escalation to root is possible by abusing the runasroot utility with mwconf-level privileges. | |||||
| CVE-2025-54415 | 2025-07-29 | N/A | N/A | ||
| dag-factory is a library for Apache Airflow® to construct DAGs declaratively via configuration files. In versions 0.23.0a8 and below, a high-severity vulnerability has been identified in the cicd.yml workflow within the astronomer/dag-factory GitHub repository. The workflow, specifically when triggered by pull_request_target, is susceptible to exploitation, allowing an attacker to execute arbitrary code within the GitHub Actions runner environment. This misconfiguration enables an attacker to establish a reverse shell, exfiltrate sensitive secrets, including the highly-privileged GITHUB_TOKEN, and ultimately gain full control over the repository. This is fixed in version 0.23.0a9. | |||||
| CVE-2025-29534 | 2025-07-29 | N/A | 8.8 HIGH | ||
| An authenticated remote code execution vulnerability in PowerStick Wave Dual-Band Wifi Extender V1.0 allows an attacker with valid credentials to execute arbitrary commands with root privileges. The issue stems from insufficient sanitization of user-supplied input in the /cgi-bin/cgi_vista.cgi executable, which is passed to a system-level function call. | |||||
| CVE-2023-53158 | 2025-07-29 | N/A | 4.1 MEDIUM | ||
| The gix-transport crate before 0.36.1 for Rust allows command execution via the "gix clone 'ssh://-oProxyCommand=open$IFS" substring. NOTE: this was discovered before CVE-2024-32884, a similar vulnerability (involving a username field) that is more difficult to exploit. | |||||
| CVE-2025-53695 | 2025-07-29 | N/A | N/A | ||
| OS Command Injection in iSTAR Ultra products web application allows an authenticated attacker to gain even more privileged access ('root' user) to the device firmware. | |||||
| CVE-2020-15778 | 3 Broadcom, Netapp, Openbsd | 10 Fabric Operating System, A700s, A700s Firmware and 7 more | 2025-07-28 | 6.8 MEDIUM | 7.4 HIGH |
| scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows." | |||||
| CVE-2025-7404 | 2025-07-25 | N/A | N/A | ||
| Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Calibre Web, Autocaliweb allows Blind OS Command Injection.This issue affects Calibre Web: 0.6.24 (Nicolette); Autocaliweb: from 0.7.0 before 0.7.1. | |||||
| CVE-2025-7723 | 2025-07-25 | N/A | N/A | ||
| A command injection vulnerability exists that can be exploited after authentication in VIGI NVR1104H-4P V1 and VIGI NVR2016H-16MP V2.This issue affects VIGI NVR1104H-4P V1: before 1.1.5 Build 250518; VIGI NVR2016H-16MP V2: before 1.3.1 Build 250407. | |||||
| CVE-2025-7724 | 2025-07-25 | N/A | N/A | ||
| An unauthenticated OS command injection vulnerability exists in VIGI NVR1104H-4P V1 and VIGI NVR2016H-16MP V2.This issue affects VIGI NVR1104H-4P V1: before 1.1.5 Build 250518; VIGI NVR2016H-16MP V2: before 1.3.1 Build 250407. | |||||
| CVE-2022-4978 | 2025-07-25 | N/A | N/A | ||
| Remote Control Server, maintained by Steppschuh, 3.1.1.12 allows unauthenticated remote code execution when authentication is disabled, which is the default configuration. The server exposes a custom UDP-based control protocol that accepts remote keyboard input events without verification. An attacker on the same network can issue a sequence of keystroke commands to launch a system shell and execute arbitrary commands, resulting in full system compromise. | |||||
| CVE-2025-41683 | 2025-07-25 | N/A | 8.8 HIGH | ||
| An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of improper sanitizing of user input in the Main Web Interface (endpoint event_mail_test). | |||||
| CVE-2015-10141 | 2025-07-25 | N/A | N/A | ||
| An unauthenticated OS command injection vulnerability exists within Xdebug versions 2.5.5 and earlier, a PHP debugging extension developed by Derick Rethans. When remote debugging is enabled, Xdebug listens on port 9000 and accepts debugger protocol commands without authentication. An attacker can send a crafted eval command over this interface to execute arbitrary PHP code, which may invoke system-level functions such as system() or passthru(). This results in full compromise of the host under the privileges of the web server user. | |||||
| CVE-2025-41684 | 2025-07-25 | N/A | 8.8 HIGH | ||
| An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of improper sanitizing of user input in the Main Web Interface (endpoint tls_iotgen_setting). | |||||
| CVE-2025-5243 | 2025-07-25 | N/A | 10.0 CRITICAL | ||
| Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SMG Software Information Portal allows Code Injection, Upload a Web Shell to a Web Server, Code Inclusion.This issue affects Information Portal: before 13.06.2025. | |||||
| CVE-2024-20326 | 1 Cisco | 3 Confd Basic, Confd Premium, Crosswork Network Services Orchestrator | 2025-07-25 | N/A | 7.8 HIGH |
| A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user. | |||||
| CVE-2024-32123 | 1 Fortinet | 3 Fortianalyzer, Fortianalyzer Big Data, Fortimanager | 2025-07-24 | N/A | 6.7 MEDIUM |
| Multiple improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiManager, FortiAnalyzer versions 7.4.0 through 7.4.2 7.2.0 through 7.2.5 and 7.0.0 through 7.0.12 and 6.4.0 through 6.4.14 and 6.2.0 through 6.2.12 and 6.0.0 through 6.0.12 and 5.6.0 through 5.6.11 and 5.4.0 through 5.4.7 and 5.2.0 through 5.2.10 and 5.0.0 through 5.0.12 and 4.3.4 through 4.3.8 allows attacker to execute unauthorized code or commands via crafted CLI requests. | |||||