Total
4990 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-14093 | 1 Edimax | 1 Br-6478ac V3 | 2025-12-05 | 4.7 Medium |
| A vulnerability was detected in Edimax BR-6478AC V3 1.0.15. Impacted is the function sub_416990 of the file /boafrm/formTracerouteDiagnosticRun. The manipulation of the argument host results in os command injection. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-14092 | 1 Edimax | 1 Br-6478ac V3 | 2025-12-05 | 4.7 Medium |
| A security vulnerability has been detected in Edimax BR-6478AC V3 1.0.15. This issue affects the function sub_416898 of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2017-1000235 | 1 Scilico | 1 I\, Librarian | 2025-12-05 | 9.8 Critical |
| I, Librarian version <=4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php resulting the web server being fully compromised. | ||||
| CVE-2025-66576 | 1 Remotecontrolio | 1 Remote Keyboard Desktop | 2025-12-05 | N/A |
| Remote Keyboard Desktop 1.0.1 enables remote attackers to execute system commands via the rundll32.exe exported function export, allowing unauthenticated code execution. | ||||
| CVE-2020-36877 | 1 Request | 1 Serious Play Pro | 2025-12-05 | N/A |
| ReQuest Serious Play F3 Media Server 7.0.3 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands as the web server user. Attackers can upload PHP executable files via the Quick File Uploader page, resulting in remote code execution on the server. | ||||
| CVE-2024-27920 | 1 Projectdiscovery | 1 Nuclei | 2025-12-05 | 7.4 High |
| projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing custom workflows, potentially allowing the execution of malicious code on the user's system. This advisory outlines the impacted users, provides details on the security patch, and suggests mitigation strategies. The vulnerability is addressed in Nuclei v3.2.0. Users are strongly recommended to update to this version to mitigate the security risk. Users should refrain from using custom workflows if unable to upgrade immediately. Only trusted, verified workflows should be executed. | ||||
| CVE-2024-58278 | 1 Indigostar | 1 Perl2exe | 2025-12-05 | N/A |
| perl2exe <= V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts. Attackers can control the 0th argument of packed executables to execute another executable, allowing them to bypass restrictions and gain unauthorized access. | ||||
| CVE-2025-65202 | 1 Trendnet | 2 Tew-657brm, Tew-657brm Firmware | 2025-12-05 | 8 High |
| TRENDnet TEW-657BRM 1.00.1 has an authenticated remote OS command injection vulnerability in the setup.cgi binary, exploitable via the HTTP parameters "command", "todo", and "next_file," which allows an attacker to execute arbitrary commands with root privileges. | ||||
| CVE-2025-34239 | 1 Advantech | 2 Webaccess/vpn, Webaccess\/vpn | 2025-12-04 | 7.2 High |
| Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in AppManagementController.appUpgradeAction() that allows an authenticated system administrator to execute arbitrary commands as the web server user (www-data) by supplying a crafted uploaded filename. | ||||
| CVE-2025-37157 | 1 Hpe | 1 Arubaos-cx | 2025-12-04 | 6.7 Medium |
| A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution (RCE) on the affected system. | ||||
| CVE-2025-37158 | 1 Hpe | 1 Arubaos-cx | 2025-12-04 | 6.7 Medium |
| A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution (RCE) on the affected system. | ||||
| CVE-2025-64755 | 2 Anthropic, Anthropics | 2 Claude Code, Claude Code | 2025-12-04 | 9.8 Critical |
| Claude Code is an agentic coding tool. Prior to version 2.0.31, due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. This issue has been patched in version 2.0.31. | ||||
| CVE-2025-34319 | 1 Totolink | 1 N300rt | 2025-12-04 | N/A |
| TOTOLINK N300RT wireless router firmware versions prior to V3.4.0-B20250430 (discovered in V2.1.8-B20201030.1539) contain an OS command injection vulnerability in the Boa formWsc handling functionality. An unauthenticated attacker can send specially crafted requests to trigger command execution via the targetAPSsid request parameter. | ||||
| CVE-2025-8890 | 1 Sdmc | 1 Ne6037 | 2025-12-04 | N/A |
| Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to a shell command injection attacks. In order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports. | ||||
| CVE-2025-11953 | 2 Microsoft, React-native-community | 2 Windows, Cli | 2025-12-04 | 9.8 Critical |
| The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server and run arbitrary executables. On Windows, the attackers can also execute arbitrary shell commands with fully controlled arguments. | ||||
| CVE-2025-11787 | 2 Circutor, Sge-plc1000 Sge-plc50 | 5 Sge-plc1000, Sge-plc1000 Firmware, Sge-plc50 and 2 more | 2025-12-03 | 8.8 High |
| Command injection vulnerability in the operating system in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2 through the 'GetDNS()', 'CheckPing()' and 'TraceRoute()' functions. | ||||
| CVE-2025-10230 | 1 Redhat | 2 Enterprise Linux, Openshift | 2025-12-03 | 10 Critical |
| A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active Directory Domain Controller’s wins hook, allowing an unauthenticated network attacker to achieve remote command execution as the Samba process. | ||||
| CVE-2025-66261 | 1 Dbbroadcast | 45 Mozart Dds Next 100, Mozart Dds Next 1000, Mozart Dds Next 1000 Firmware and 42 more | 2025-12-03 | 9.8 Critical |
| Unauthenticated OS Command Injection (restore_settings.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform URL-decoded name parameter passed to exec() allows remote code execution. The `/var/tdf/restore_settings.php` endpoint passes user-controlled `$_GET["name"]` parameter through `urldecode()` directly into `exec()` without validation or escaping. Attackers can inject arbitrary shell commands using metacharacters (`;`, `|`, `&&`, etc.) to achieve unauthenticated remote code execution as the web server user. | ||||
| CVE-2025-66253 | 1 Dbbroadcast | 45 Mozart Dds Next 100, Mozart Dds Next 1000, Mozart Dds Next 1000 Firmware and 42 more | 2025-12-03 | 9.8 Critical |
| Unauthenticated OS Command Injection (start_upgrade.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform User input passed directly to exec() allows remote code execution via start_upgrade.php. The `/var/tdf/start_upgrade.php` endpoint passes user-controlled `$_GET["filename"]` directly into `exec()` without sanitization or shell escaping. Attackers can inject arbitrary shell commands using metacharacters (`;`, `|`, etc.) to achieve remote code execution as the web server user (likely root). | ||||
| CVE-2025-12744 | 1 Redhat | 1 Enterprise Linux | 2025-12-03 | 8.8 High |
| A flaw was found in the ABRT daemon’s handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command (docker inspect %s) without proper validation. An unprivileged local user can craft a payload that injects shell metacharacters, causing the root-running ABRT process to execute attacker-controlled commands and ultimately gain full root privileges. | ||||