Total
4684 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-28027 | 1 Mc-technologies | 2 Mc Lr Router, Mc Lr Router Firmware | 2025-11-03 | N/A | 7.2 HIGH |
| Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability refers to the authetnicated OS Command injection that occurs through the attacker-controlled `timer1` parameter, at offset `0x8e80`. | |||||
| CVE-2024-28026 | 1 Mc-technologies | 2 Mc Lr Router, Mc Lr Router Firmware | 2025-11-03 | N/A | 7.2 HIGH |
| Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability refers to the authenticated OS Command Injection that occurs through the attacker-controlled `out1` parameter, at offset `0x8efc`. int out_ret = sscanf(current_param->key, "out%u", &io_idx); if (out_ret == 1 && io_idx == 1) { // [4] Similar to `3`, but `out1` instead of `btn1` if (asprintf(&command, "/usr/sbin/vout %s %u vo_manual", current_param->value, 1) > 0) { system(command); return -1; } } | |||||
| CVE-2024-28025 | 1 Mc-technologies | 2 Mc Lr Router, Mc Lr Router Firmware | 2025-11-03 | N/A | 7.2 HIGH |
| Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability refers to the authenticated OS Command Injection that occurs through the attacker-controlled `btn1` parameter, at offset `0x8eb0`. | |||||
| CVE-2024-11003 | 1 Needrestart Project | 1 Needrestart | 2025-11-03 | N/A | 7.8 HIGH |
| Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library (Modules::ScanDeps) which expects safe input. This could allow a local attacker to execute arbitrary shell commands. Please see the related CVE-2024-10224 in Modules::ScanDeps. | |||||
| CVE-2024-10224 | 2 Debian, Rschupp | 2 Debian Linux, Modules\ | 2025-11-03 | N/A | 5.3 MEDIUM |
| Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by open()ing a "pesky pipe" (such as passing "commands|" as a filename) or by passing arbitrary strings to eval(). | |||||
| CVE-2023-37903 | 1 Vm2 Project | 1 Vm2 | 2025-11-03 | N/A | 9.8 CRITICAL |
| vm2 is an open source vm/sandbox for Node.js. In vm2 for versions up to and including 3.9.19, Node.js custom inspect function allows attackers to escape the sandbox and run arbitrary code. This may result in Remote Code Execution, assuming the attacker has arbitrary code execution primitive inside the context of vm2 sandbox. There are no patches and no known workarounds. Users are advised to find an alternative software. | |||||
| CVE-2022-2068 | 6 Broadcom, Debian, Fedoraproject and 3 more | 43 Sannav, Debian Linux, Fedora and 40 more | 2025-11-03 | 10.0 HIGH | 7.3 HIGH |
| In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze). | |||||
| CVE-2025-22604 | 1 Cacti | 1 Cacti | 2025-11-03 | N/A | 9.1 CRITICAL |
| Cacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response. When processed by ss_net_snmp_disk_io() or ss_net_snmp_disk_bytes(), a part of each OID will be used as a key in an array that is used as part of a system command, causing a command execution vulnerability. This vulnerability is fixed in 1.2.29. | |||||
| CVE-2025-1244 | 2025-11-03 | N/A | 8.8 HIGH | ||
| A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect. | |||||
| CVE-2023-28617 | 1 Gnu | 1 Org Mode | 2025-11-03 | N/A | 7.8 HIGH |
| org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters. | |||||
| CVE-2021-3621 | 2 Fedoraproject, Redhat | 8 Fedora, Sssd, Enterprise Linux and 5 more | 2025-11-03 | 9.3 HIGH | 8.8 HIGH |
| A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | |||||
| CVE-2025-50121 | 2025-11-03 | N/A | N/A | ||
| A CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause unauthenticated remote code execution when a malicious folder is created over the web interface HTTP when enabled. HTTP is disabled by default. | |||||
| CVE-2025-47780 | 1 Sangoma | 2 Asterisk, Certified Asterisk | 2025-11-03 | N/A | 7.8 HIGH |
| Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk, trying to disallow shell commands to be run via the Asterisk command line interface (CLI) by configuring `cli_permissions.conf` (e.g. with the config line `deny=!*`) does not work which could lead to a security risk. If an administrator running an Asterisk instance relies on the `cli_permissions.conf` file to work and expects it to deny all attempts to execute shell commands, then this could lead to a security vulnerability. Versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk fix the issue. | |||||
| CVE-2025-44961 | 1 Commscope | 31 Ruckus C110, Ruckus E510, Ruckus H320 and 28 more | 2025-11-03 | N/A | 9.9 CRITICAL |
| In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user. | |||||
| CVE-2025-44960 | 1 Commscope | 31 Ruckus C110, Ruckus E510, Ruckus H320 and 28 more | 2025-11-03 | N/A | 8.5 HIGH |
| RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route. | |||||
| CVE-2025-41675 | 2025-11-03 | N/A | 7.2 HIGH | ||
| A high privileged remote attacker can execute arbitrary system commands via GET requests in the cloud server communication script due to improper neutralization of special elements used in an OS command. | |||||
| CVE-2025-41674 | 2025-11-03 | N/A | 7.2 HIGH | ||
| A high privileged remote attacker can execute arbitrary system commands via POST requests in the diagnostic action due to improper neutralization of special elements used in an OS command. | |||||
| CVE-2025-41673 | 2025-11-03 | N/A | 7.2 HIGH | ||
| A high privileged remote attacker can execute arbitrary system commands via POST requests in the send_sms action due to improper neutralization of special elements used in an OS command. | |||||
| CVE-2025-27804 | 2025-11-03 | N/A | 6.5 MEDIUM | ||
| Several OS command injection vulnerabilities exist in the device firmware in the /var/salia/mqtt.php script. By publishing a specially crafted message to a certain MQTT topic arbitrary OS commands can be executed with root permissions. | |||||
| CVE-2025-43941 | 1 Dell | 1 Unity Operating Environment | 2025-11-03 | N/A | 7.2 HIGH |
| Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary command with root privileges. This vulnerability only affects systems without a valid license install. | |||||