Total
4690 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-9174 | 2025-08-20 | 5.3 Medium | ||
| A vulnerability was determined in neurobin shc up to 4.0.3. This vulnerability affects the function make of the file src/shc.c of the component Filename Handler. Executing manipulation can lead to os command injection. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-9176 | 2025-08-20 | 5.3 Medium | ||
| A security flaw has been discovered in neurobin shc up to 4.0.3. Impacted is the function make of the file src/shc.c of the component Environment Variable Handler. The manipulation results in os command injection. The attack is only possible with local access. The exploit has been released to the public and may be exploited. | ||||
| CVE-2024-9463 | 1 Paloaltonetworks | 1 Expedition | 2025-08-20 | 7.5 High |
| An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. | ||||
| CVE-2024-8926 | 1 Php | 1 Php | 2025-08-19 | 8.1 High |
| In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using a certain non-standard configurations of Windows codepages, the fixes for CVE-2024-4577 https://github.com/advisories/GHSA-vxpp-6299-mxw3 may still be bypassed and the same command injection related to Windows "Best Fit" codepage behavior can be achieved. This may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc. | ||||
| CVE-2025-53695 | 1 Johnsoncontrols | 1 Istar Ultra | 2025-08-19 | N/A |
| OS Command Injection in iSTAR Ultra products web application allows an authenticated attacker to gain even more privileged access ('root' user) to the device firmware. | ||||
| CVE-2025-54948 | 1 Trendmicro | 2 Apex One, Apexone Server | 2025-08-19 | 9.4 Critical |
| A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. | ||||
| CVE-2025-55284 | 1 Anthropics | 1 Claude Code | 2025-08-18 | N/A |
| Claude Code is an agentic coding tool. Prior to version 1.0.4, it's possible to bypass the Claude Code confirmation prompts to read a file and then send file contents over the network without user confirmation due to an overly broad allowlist of safe commands. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update received this fix automatically after release. Current users of Claude Code are unaffected, as versions prior to 1.0.24 are deprecated and have been forced to update. | ||||
| CVE-2025-55589 | 2025-08-18 | 6.5 Medium | ||
| TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain multiple OS command injection vulnerabilities via the macstr, bandstr, and clientoff parameters at /boafrm/formMapDelDevice. | ||||
| CVE-2025-6704 | 1 Sophos | 2 Firewall, Firewall Firmware | 2025-08-18 | 9.8 Critical |
| An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to pre-auth remote code execution, if a specific configuration of SPX is enabled in combination with the firewall running in High Availability (HA) mode. | ||||
| CVE-2024-55904 | 1 Ibm | 2 Devops Deploy, Urbancode Deploy | 2025-08-18 | 7.2 High |
| IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.9 could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially crafted input containing special elements. | ||||
| CVE-2023-42128 | 2 Magnet Forensics, Magnetforensics | 2 Axiom, Axiom | 2025-08-18 | N/A |
| Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that the target must acquire data from a malicious mobile device. The specific flaw exists within the Android device image acquisition functionality. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-21255. | ||||
| CVE-2025-9026 | 2 D-link, Dlink | 3 Dir-860l, Dir-860l, Dir-860l Firmware | 2025-08-18 | 7.3 High |
| A vulnerability was identified in D-Link DIR-860L 2.04.B04. This affects the function ssdpcgi_main of the file htdocs/cgibin of the component Simple Service Discovery Protocol. The manipulation leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2012-10059 | 1 Dolibarr | 2 Dolibarr, Dolibarr Erp/crm | 2025-08-16 | N/A |
| Dolibarr ERP/CRM versions <= 3.1.1 and <= 3.2.0 contain a post-authenticated OS command injection vulnerability in its database backup feature. The export.php script fails to sanitize the sql_compat parameter, allowing authenticated users to inject arbitrary system commands, resulting in remote code execution on the server. | ||||
| CVE-2025-43984 | 1 Kuwfi | 1 Gc111 | 2025-08-16 | 9.8 Critical |
| An issue was discovered on KuWFi GC111 devices (Hardware Version: CPE-LM321_V3.2, Software Version: GC111-GL-LM321_V3.0_20191211). They are vulnerable to unauthenticated /goform/goform_set_cmd_process requests. A crafted POST request, using the SSID parameter, allows remote attackers to execute arbitrary OS commands with root privileges. | ||||
| CVE-2025-20220 | 1 Cisco | 2 Firepower Management Center, Firepower Threat Defense Software | 2025-08-16 | 6 Medium |
| A vulnerability in the CLI of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to improper input validation for specific CLI commands. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials. For more information about vulnerable scenarios, see the Details ["#details"] section of this advisory. | ||||
| CVE-2025-25256 | 1 Fortinet | 1 Fortisiem | 2025-08-16 | 9.8 Critical |
| An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute unauthorized code or commands via crafted CLI requests. | ||||
| CVE-2024-46486 | 1 Tp-link | 2 Tl-wdr5620, Tl-wdr5620 Firmware | 2025-08-15 | 8 High |
| TP-LINK TL-WDR5620 v2.3 was discovered to contain a remote code execution (RCE) vulnerability via the httpProcDataSrv function. | ||||
| CVE-2021-30187 | 2 Codesys, Wago | 55 Runtime Toolkit, 750-8202, 750-8202 Firmware and 52 more | 2025-08-15 | 5.3 Medium |
| CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command. | ||||
| CVE-2024-28767 | 1 Ibm | 1 Security Directory Integrator | 2025-08-15 | 6.8 Medium |
| IBM Security Directory Integrator 7.2.0 through 7.2.0.13 and 10.0.0 through 10.0.3 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | ||||
| CVE-2025-36604 | 1 Dell | 1 Unity Operating Environment | 2025-08-15 | 7.3 High |
| Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution. | ||||