Total
2351 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-53104 | 2025-07-03 | N/A | 9.1 CRITICAL | ||
| gluestack-ui is a library of copy-pasteable components & patterns crafted with Tailwind CSS (NativeWind). Prior to commit e6b4271, a command injection vulnerability was discovered in the discussion-to-slack.yml GitHub Actions workflow. Untrusted discussion fields (title, body, etc.) were directly interpolated into shell commands in a run: block. An attacker could craft a malicious GitHub Discussion title or body (e.g., $(curl ...)) to execute arbitrary shell commands on the Actions runner. This issue has been fixed in commit e6b4271 where the discussion-to-slack.yml workflow was removed. Users should remove the discussion-to-slack.yml workflow if using a fork or derivative of this repository. | |||||
| CVE-2025-24333 | 2025-07-03 | N/A | 6.4 MEDIUM | ||
| Nokia Single RAN baseband software earlier than 24R1-SR 1.0 MP contains administrative shell input validation fault, which authenticated admin user can, in theory, potentially use for injecting arbitrary commands for unprivileged baseband OAM service process execution via special characters added to baseband internal COMA_config.xml file. This issue has been corrected starting from release 24R1-SR 1.0 MP and later, by adding proper input validation to OAM service process which prevents injecting special characters via baseband internal COMA_config.xml file. | |||||
| CVE-2024-54794 | 1 Eng | 1 Spagobi | 2025-07-03 | N/A | 9.1 CRITICAL |
| The script input feature of SpagoBI 3.5.1 allows arbitrary code execution. | |||||
| CVE-2025-6299 | 1 Totolink | 2 N150rt, N150rt Firmware | 2025-07-02 | 5.8 MEDIUM | 4.7 MEDIUM |
| A vulnerability classified as critical has been found in TOTOLINK N150RT 3.4.0-B20190525. This affects an unknown part of the file /boa/formWSC. The manipulation of the argument targetAPSsid leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5438 | 1 Linksys | 12 Re6250, Re6250 Firmware, Re6300 and 9 more | 2025-07-02 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been declared as critical. Affected by this vulnerability is the function WPS of the file /goform/WPS. The manipulation of the argument PIN leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-5439 | 1 Linksys | 12 Re6250, Re6250 Firmware, Re6300 and 9 more | 2025-07-02 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been rated as critical. Affected by this issue is the function verifyFacebookLike of the file /goform/verifyFacebookLike. The manipulation of the argument uid/accessToken leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-5440 | 1 Linksys | 12 Re6250, Re6250 Firmware, Re6300 and 9 more | 2025-07-02 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function NTP of the file /goform/NTP. The manipulation of the argument manual_year_select/manual_month_select/manual_day_select/manual_hour_select/manual_min_select/manual_sec_select leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-37096 | 1 Hpe | 1 Storeonce System | 2025-07-02 | N/A | 9.8 CRITICAL |
| A command injection remote code execution vulnerability exists in HPE StoreOnce Software. | |||||
| CVE-2025-37089 | 1 Hpe | 1 Storeonce System | 2025-07-02 | N/A | 9.8 CRITICAL |
| A command injection remote code execution vulnerability exists in HPE StoreOnce Software. | |||||
| CVE-2025-37091 | 1 Hpe | 1 Storeonce System | 2025-07-02 | N/A | 7.2 HIGH |
| A command injection remote code execution vulnerability exists in HPE StoreOnce Software. | |||||
| CVE-2024-43591 | 1 Microsoft | 2 Azure Command-line Interface, Azure Service Connector | 2025-07-02 | N/A | 8.7 HIGH |
| Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability | |||||
| CVE-2025-24049 | 1 Microsoft | 1 Azure Command-line Interface | 2025-07-02 | N/A | 8.4 HIGH |
| Improper neutralization of special elements used in a command ('command injection') in Azure Command Line Integration (CLI) allows an unauthorized attacker to elevate privileges locally. | |||||
| CVE-2024-49194 | 2025-07-02 | N/A | 7.3 HIGH | ||
| Databricks JDBC Driver 2.x before 2.6.40 could potentially allow remote code execution (RCE) by triggering a JNDI injection via a JDBC URL parameter. The vulnerability is rooted in the improper handling of the krbJAASFile parameter. An attacker could potentially exploit this vulnerability to achieve Remote Code Execution in the context of the driver by tricking a victim into using a crafted connection URL that uses the property krbJAASFile. | |||||
| CVE-2025-37092 | 1 Hpe | 1 Storeonce System | 2025-07-02 | N/A | 9.8 CRITICAL |
| A command injection remote code execution vulnerability exists in HPE StoreOnce Software. | |||||
| CVE-2025-5447 | 1 Linksys | 12 Re6250, Re6250 Firmware, Re6300 and 9 more | 2025-07-02 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been declared as critical. This vulnerability affects the function ssid1MACFilter of the file /goform/ssid1MACFilter. The manipulation of the argument apselect_%d/newap_text_%d leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-6897 | 1 Dlink | 2 Di-7300g\+, Di-7300g\+ Firmware | 2025-07-01 | 5.2 MEDIUM | 5.5 MEDIUM |
| A vulnerability classified as critical was found in D-Link DI-7300G+ 19.12.25A1. Affected by this vulnerability is an unknown functionality of the file httpd_debug.asp. The manipulation of the argument Time leads to os command injection. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-26331 | 1 Dell | 12 Latitude 3420, Latitude 3440, Latitude 5440 and 9 more | 2025-07-01 | N/A | 7.8 HIGH |
| Dell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution. | |||||
| CVE-2025-53098 | 2025-07-01 | N/A | 8.1 HIGH | ||
| Roo Code is an AI-powered autonomous coding agent. The project-specific MCP configuration for the Roo Code agent is stored in the `.roo/mcp.json` file within the VS Code workspace. Because the MCP configuration format allows for execution of arbitrary commands, prior to version 3.20.3, it would have been possible for an attacker with access to craft a prompt to ask the agent to write a malicious command to the MCP configuration file. If the user had opted-in to auto-approving file writes within the project, this would have led to arbitrary command execution. This issue is of moderate severity, since it requires the attacker to already be able to submit prompts to the agent (for instance through a prompt injection attack), for the user to have MCP enabled (on by default), and for the user to have enabled auto-approved file writes (off by default). Version 3.20.3 fixes the issue by adding an additional layer of opt-in configuration for auto-approving writing to Roo's configuration files, including all files within the `.roo/` folder. | |||||
| CVE-2025-52904 | 2025-06-30 | N/A | 8.0 HIGH | ||
| File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In version 2.32.0 of the web application, all users have a scope assigned, and they only have access to the files within that scope. The Command Execution feature of Filebrowser allows the execution of shell commands which are not restricted to the scope, potentially giving an attacker read and write access to all files managed by the server. Until this issue is fixed, the maintainers recommend to completely disable `Execute commands` for all accounts. Since the command execution is an inherently dangerous feature that is not used by all deployments, it should be possible to completely disable it in the application's configuration. As a defense-in-depth measure, organizations not requiring command execution should operate the Filebrowser from a distroless container image. A patch version has been pushed to disable the feature for all existent installations, and making it opt-in. A warning has been added to the documentation and is printed on the console if the feature is enabled. Due to the project being in maintenance-only mode, the bug has not been fixed. Fix is tracked on pull request 5199. | |||||
| CVE-2025-52903 | 2025-06-30 | N/A | 8.0 HIGH | ||
| File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In version 2.32.0, the Command Execution feature of File Browser only allows the execution of shell command which have been predefined on a user-specific allowlist. Many tools allow the execution of arbitrary different commands, rendering this limitation void. The concrete impact depends on the commands being granted to the attacker, but the large number of standard commands allowing the execution of subcommands makes it likely that every user having the `Execute commands` permissions can exploit this vulnerability. Everyone who can exploit it will have full code execution rights with the uid of the server process. Until this issue is fixed, the maintainers recommend to completely disable `Execute commands` for all accounts. Since the command execution is an inherently dangerous feature that is not used by all deployments, it should be possible to completely disable it in the application's configuration. As a defense-in-depth measure, organizations not requiring command execution should operate the Filebrowser from a distroless container image. A patch version has been pushed to disable the feature for all existent installations, and making it opt-in. A warning has been added to the documentation and is printed on the console if the feature is enabled. Due to the project being in maintenance-only mode, the bug has not been fixed. The fix is tracked on pull request 5199. | |||||