Total
4855 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-54415 | 2025-07-29 | N/A | ||
| dag-factory is a library for Apache Airflow® to construct DAGs declaratively via configuration files. In versions 0.23.0a8 and below, a high-severity vulnerability has been identified in the cicd.yml workflow within the astronomer/dag-factory GitHub repository. The workflow, specifically when triggered by pull_request_target, is susceptible to exploitation, allowing an attacker to execute arbitrary code within the GitHub Actions runner environment. This misconfiguration enables an attacker to establish a reverse shell, exfiltrate sensitive secrets, including the highly-privileged GITHUB_TOKEN, and ultimately gain full control over the repository. This is fixed in version 0.23.0a9. | ||||
| CVE-2014-125118 | 2025-07-29 | N/A | ||
| A command injection vulnerability exists in the eScan Web Management Console version 5.5-2. The application fails to properly sanitize the 'pass' parameter when processing login requests to login.php, allowing an authenticated attacker with a valid username to inject arbitrary commands via a specially crafted password value. Successful exploitation results in remote code execution. Privilege escalation to root is possible by abusing the runasroot utility with mwconf-level privileges. | ||||
| CVE-2025-29534 | 2025-07-29 | 8.8 High | ||
| An authenticated remote code execution vulnerability in PowerStick Wave Dual-Band Wifi Extender V1.0 allows an attacker with valid credentials to execute arbitrary commands with root privileges. The issue stems from insufficient sanitization of user-supplied input in the /cgi-bin/cgi_vista.cgi executable, which is passed to a system-level function call. | ||||
| CVE-2023-53158 | 1 Gitoxidelabs | 1 Gix-transport | 2025-07-29 | 4.1 Medium |
| The gix-transport crate before 0.36.1 for Rust allows command execution via the "gix clone 'ssh://-oProxyCommand=open$IFS" substring. NOTE: this was discovered before CVE-2024-32884, a similar vulnerability (involving a username field) that is more difficult to exploit. | ||||
| CVE-2024-20399 | 1 Cisco | 201 Mds 9000, Mds 9100, Mds 9132t and 198 more | 2025-07-28 | 6 Medium |
| A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root. Note: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. The following Cisco devices already allow administrative users to access the underlying operating system through the bash-shell feature, so, for these devices, this vulnerability does not grant any additional privileges: Nexus 3000 Series Switches Nexus 7000 Series Switches that are running Cisco NX-OS Software releases 8.1(1) and later Nexus 9000 Series Switches in standalone NX-OS mode | ||||
| CVE-2020-15778 | 4 Broadcom, Netapp, Openbsd and 1 more | 11 Fabric Operating System, A700s, A700s Firmware and 8 more | 2025-07-28 | 7.4 High |
| scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows." | ||||
| CVE-2025-7404 | 2025-07-25 | N/A | ||
| Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Calibre Web, Autocaliweb allows Blind OS Command Injection.This issue affects Calibre Web: 0.6.24 (Nicolette); Autocaliweb: from 0.7.0 before 0.7.1. | ||||
| CVE-2025-7724 | 2025-07-25 | N/A | ||
| An unauthenticated OS command injection vulnerability exists in VIGI NVR1104H-4P V1 and VIGI NVR2016H-16MP V2.This issue affects VIGI NVR1104H-4P V1: before 1.1.5 Build 250518; VIGI NVR2016H-16MP V2: before 1.3.1 Build 250407. | ||||
| CVE-2025-41684 | 1 Weidmueller | 3 Ie-sr-2tx-wl, Ie-sr-2tx-wl-4g-eu, Ie-sr-2tx-wl-4g-us-v | 2025-07-25 | 8.8 High |
| An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of improper sanitizing of user input in the Main Web Interface (endpoint tls_iotgen_setting). | ||||
| CVE-2025-7723 | 2025-07-25 | N/A | ||
| A command injection vulnerability exists that can be exploited after authentication in VIGI NVR1104H-4P V1 and VIGI NVR2016H-16MP V2.This issue affects VIGI NVR1104H-4P V1: before 1.1.5 Build 250518; VIGI NVR2016H-16MP V2: before 1.3.1 Build 250407. | ||||
| CVE-2015-10141 | 2025-07-25 | 5.6 Medium | ||
| An unauthenticated OS command injection vulnerability exists within Xdebug versions 2.5.5 and earlier, a PHP debugging extension developed by Derick Rethans. When remote debugging is enabled, Xdebug listens on port 9000 and accepts debugger protocol commands without authentication. An attacker can send a crafted eval command over this interface to execute arbitrary PHP code, which may invoke system-level functions such as system() or passthru(). This results in full compromise of the host under the privileges of the web server user. | ||||
| CVE-2025-41683 | 1 Weidmueller | 3 Ie-sr-2tx-wl, Ie-sr-2tx-wl-4g-eu, Ie-sr-2tx-wl-4g-us-v | 2025-07-25 | 8.8 High |
| An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of improper sanitizing of user input in the Main Web Interface (endpoint event_mail_test). | ||||
| CVE-2022-4978 | 2025-07-25 | N/A | ||
| Remote Control Server, maintained by Steppschuh, 3.1.1.12 allows unauthenticated remote code execution when authentication is disabled, which is the default configuration. The server exposes a custom UDP-based control protocol that accepts remote keyboard input events without verification. An attacker on the same network can issue a sequence of keystroke commands to launch a system shell and execute arbitrary commands, resulting in full system compromise. | ||||
| CVE-2025-34143 | 2025-07-25 | N/A | ||
| An authentication bypass vulnerability exists in ETQ Reliance on the CG (legacy) platform. The application allowed login as the privileged internal SYSTEM user by manipulating the username field. The SYSTEM account does not require a password, enabling attackers with network access to the login page to obtain elevated access. Once authenticated, an attacker could achieve remote code execution by modifying Jython scripts within the application. This issue was resolved by introducing stricter validation logic to exclude internal accounts from public authentication workflows in version MP-4583. | ||||
| CVE-2025-5243 | 2025-07-25 | 10 Critical | ||
| Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SMG Software Information Portal allows Code Injection, Upload a Web Shell to a Web Server, Code Inclusion.This issue affects Information Portal: before 13.06.2025. | ||||
| CVE-2024-20326 | 1 Cisco | 3 Confd Basic, Confd Premium, Crosswork Network Services Orchestrator | 2025-07-25 | 7.8 High |
| A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user. | ||||
| CVE-2024-32123 | 1 Fortinet | 3 Fortianalyzer, Fortianalyzer Big Data, Fortimanager | 2025-07-24 | 6.5 Medium |
| Multiple improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiManager, FortiAnalyzer versions 7.4.0 through 7.4.2 7.2.0 through 7.2.5 and 7.0.0 through 7.0.12 and 6.4.0 through 6.4.14 and 6.2.0 through 6.2.12 and 6.0.0 through 6.0.12 and 5.6.0 through 5.6.11 and 5.4.0 through 5.4.7 and 5.2.0 through 5.2.10 and 5.0.0 through 5.0.12 and 4.3.4 through 4.3.8 allows attacker to execute unauthorized code or commands via crafted CLI requests. | ||||
| CVE-2025-41663 | 2025-07-24 | 9.8 Critical | ||
| For u-link Management API an unauthenticated remote attacker in a man-in-the-middle position can inject arbitrary commands in responses returned by WWH servers, which are then executed with elevated privileges. To get into such a position, clients would need to use insecure proxy configurations. | ||||
| CVE-2024-54025 | 1 Fortinet | 1 Fortiisolator | 2025-07-23 | 6.5 Medium |
| An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiIsolator CLI before version 2.4.6 allows a privileged attacker to execute unauthorized code or commands via crafted CLI requests. | ||||
| CVE-2024-54024 | 1 Fortinet | 1 Fortiisolator | 2025-07-23 | 7 High |
| An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiIsolator before version 2.4.6 allows a privileged attacker with super-admin profile and CLI access to execute unauthorized code via specifically crafted HTTP requests. | ||||