Total
6108 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4853 | 1 Akabei Soft2 | 1 Happy Wardrobe | 2025-04-12 | N/A |
| AKABEi SOFT2 games allow remote attackers to execute arbitrary OS commands via crafted saved data, as demonstrated by Happy Wardrobe. | ||||
| CVE-2013-5948 | 2 Asus, T-mobile | 3 Rt-ac68u, Rt-ac68u Firmware, Tm-ac1900 | 2025-04-12 | N/A |
| The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the Target field (destIP parameter). | ||||
| CVE-2014-3085 | 1 Ibm | 2 Global Console Manager 16 Firmware, Global Console Manager 32 Firmware | 2025-04-12 | N/A |
| systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter. | ||||
| CVE-2016-4965 | 1 Fortinet | 1 Fortiwan | 2025-04-12 | N/A |
| Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users with access to the nslookup functionality to execute arbitrary commands with root privileges via the graph parameter to diagnosis_control.php. | ||||
| CVE-2015-6008 | 1 Refbase | 1 Refbase | 2025-04-12 | N/A |
| install.php in Web Reference Database (aka refbase) through 0.9.6 allows remote attackers to execute arbitrary commands via the adminPassword parameter, a different issue than CVE-2015-7381. | ||||
| CVE-2015-4279 | 1 Cisco | 1 Unified Computing System | 2025-04-12 | N/A |
| The Manager component in Cisco Unified Computing System (UCS) 2.2(3b) on B Blade Server devices allows local users to gain privileges for executing arbitrary CLI commands by leveraging access to the subordinate fabric interconnect, aka Bug ID CSCut32778. | ||||
| CVE-2014-9284 | 1 Buffalotech | 14 Bhr-4grv2, Bhr-4grv2 Firmware, Wex-300 and 11 more | 2025-04-12 | N/A |
| The Buffalo WHR-1166DHP 1.60 and earlier, WSR-600DHP 1.60 and earlier, WHR-600D 1.60 and earlier, WHR-300HP2 1.60 and earlier, WMR-300 1.60 and earlier, WEX-300 1.60 and earlier, and BHR-4GRV2 1.04 and earlier routers allow remote authenticated users to execute arbitrary OS commands via unspecified vectors. | ||||
| CVE-2014-2707 | 1 Linuxfoundation | 1 Cups-filters | 2025-04-12 | N/A |
| cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the (1) model or (2) PDL, related to "System V interface scripts generated for queues." | ||||
| CVE-2016-1000216 | 1 Ruckus | 1 Wireless H500 | 2025-04-12 | N/A |
| Ruckus Wireless H500 web management interface authenticated command injection | ||||
| CVE-2014-3358 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | N/A |
| Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allows remote attackers to cause a denial of service (memory consumption, and interface queue wedge or device reload) via malformed mDNS packets, aka Bug ID CSCuj58950. | ||||
| CVE-2012-1166 | 1 Canonical | 2 Ltsp Display Manager, Ubuntu Linux | 2025-04-12 | N/A |
| The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KP_RETURN keybinding, which launches a terminal window. | ||||
| CVE-2016-1352 | 1 Cisco | 1 Unified Computing System Central Software | 2025-04-12 | N/A |
| Cisco Unified Computing System (UCS) Central Software 1.3(1b) and earlier allows remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuv33856. | ||||
| CVE-2015-4956 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2025-04-12 | N/A |
| The Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote authenticated users to execute unspecified OS commands via unknown vectors. | ||||
| CVE-2014-4326 | 1 Elastic | 1 Logstash | 2025-04-12 | N/A |
| Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagios_nsca.rb in outputs/. | ||||
| CVE-2015-4330 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2025-04-12 | N/A |
| A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556. | ||||
| CVE-2015-0977 | 1 Network Vision | 1 Intravue | 2025-04-12 | N/A |
| Network Vision IntraVue before 2.3.0a14 on Windows allows remote attackers to execute arbitrary OS commands via unspecified vectors. | ||||
| CVE-2015-0691 | 1 Cisco | 1 Secure Desktop | 2025-04-12 | N/A |
| A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001. | ||||
| CVE-2016-1482 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | N/A |
| Cisco WebEx Meetings Server 2.6 allows remote attackers to execute arbitrary commands by injecting these commands into an application script, aka Bug ID CSCuy83130. | ||||
| CVE-2016-3655 | 1 Paloaltonetworks | 1 Pan-os | 2025-04-12 | N/A |
| The management web interface in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to execute arbitrary OS commands via an unspecified API call. | ||||
| CVE-2016-1320 | 1 Cisco | 1 Prime Collaboration | 2025-04-12 | N/A |
| The CLI in Cisco Prime Collaboration 9.0 and 11.0 allows local users to execute arbitrary OS commands as root by leveraging administrator privileges, aka Bug ID CSCux69286. | ||||