Sign in Sign up
JA · EN · FR
SecPulse

Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Categories
All 🌐 Web Application 🧭 Browser 🖥️ Operating System 📱 Mobile 🛰️ Network Infrastructure ☁️ Cloud / Container 📝 CMS / Site Builder 🗄️ Database / Storage 🔐 Auth / Identity 🔑 Cryptography 🛠️ DevOps / CI-CD 🤖 AI / ML 🔌 IoT / Embedded 🧩 Hardware / Firmware 🏢 Enterprise SaaS 🧰 Developer Tooling ☠️ Malicious Package 📦 Other
Tag groups
All 💬 Programming Languages 22 🧱 Web Frameworks 29 📱 Mobile Platforms 6 🤖 AI/ML Frameworks 11 🖥️ Web Servers 9 🗄️ Databases 13 📝 CMS 9 ☁️ Cloud Platforms 11 📦 Container Tech 12 🖥️ Operating Systems 15 ⚔️ Attack Types 25 🧬 CWE 185 🏢 Vendors 581 📦 Products 666 🌳 Package Ecosystems 24 🛠️ DevOps Tools 17 📡 Protocols 15
Popular tags (Top 40)
Rootio Linux419 Microsoft386 C237 Java183 Jre178 Java Min178 Bitnami178 Windows177 Rootdebian11175 Rootdebian12151 Linux130 Cwe 20125 Cwe 78120 Linux Kernel106 Cwe 787105 Apple99 Cwe 41699 Cwe 2296 Rootdebian1393 Cwe 11990 Cisco89 Denial of Service85 Cwe 9484 Multiple Products79 Adobe78 Google77 Cwe 50270 Cwe 7966 Cwe 8954 Apache47 Cwe 91844 Cwe 28443 Oracle42 Cwe 28741 JavaScript41 PHP41 Cwe 7740 Chromium V838 Cwe 30638 Cwe 84337
Filtering: Group: vendors Tag: cwe-77 Clear
ID Title
CVE-2026-35428 Command Injection in microsoft (CVE-2026-35428)
command injection in microsoft (CVE-2026-35428). Successful exploitation can lead to full system takeover.
CVE-2026-43117 Vulnerability in linux (CVE-2026-43117)
vulnerability in linux (CVE-2026-43117). Confidential information can be exposed externally.
CVE-2025-29635 KEV [KEV] Command Injection in D-link dir-823x (CVE-2025-29635)
command injection in D-link dir-823x (CVE-2025-29635). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-22719 KEV [KEV] Command Injection in Broadcom vmware-aria-operations (CVE-2026-22719)
command injection in Broadcom vmware-aria-operations (CVE-2026-22719). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-4008 KEV [KEV] Vulnerability in Smartbedded meteobridge (CVE-2025-4008)
vulnerability in Smartbedded meteobridge (CVE-2025-4008). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-10035 KEV [KEV] Unsafe Deserialization in Fortra goanywhere-mft (CVE-2025-10035)
vulnerability in Fortra goanywhere-mft (CVE-2025-10035). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-59689 KEV [KEV] Command Injection in Libraesva email-security-gateway (CVE-2025-59689)
command injection in Libraesva email-security-gateway (CVE-2025-59689). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-25079 KEV [KEV] Command Injection in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25079)
command injection in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25079). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-10033 KEV [KEV] Command Injection in php (CVE-2016-10033)
command injection in php (CVE-2016-10033). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-33538 KEV [KEV] Command Injection in Tp-link multiple-routers (CVE-2023-33538)
command injection in Tp-link multiple-routers (CVE-2023-33538). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-20118 KEV [KEV] Command Injection in Cisco small-business-rv-series-routers (CVE-2023-20118)
command injection in Cisco small-business-rv-series-routers (CVE-2023-20118). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-12251 Command Injection in telerik (CVE-2024-12251)
command injection in telerik (CVE-2024-12251). Successful exploitation can lead to full system takeover.
CVE-2024-12356 KEV [KEV] Command Injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12356)
command injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12356). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-9474 KEV [KEV] Command Injection in Palo alto networks palo-alto-networks (CVE-2024-9474)
command injection in Palo alto networks palo-alto-networks (CVE-2024-9474). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-9380 KEV [KEV] Command Injection in Ivanti cloud-services-appliance-csa (CVE-2024-9380)
command injection in Ivanti cloud-services-appliance-csa (CVE-2024-9380). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-3400 KEV [KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3400)
vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3400). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-3273 KEV [KEV] Command Injection in D-link multiple-nas-devices (CVE-2024-3273)
command injection in D-link multiple-nas-devices (CVE-2024-3273). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-21887 KEV [KEV] Command Injection in Ivanti connect-secure-and-policy-secure (CVE-2024-21887)
command injection in Ivanti connect-secure-and-policy-secure (CVE-2024-21887). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-20017 KEV [KEV] Command Injection in D-link dsl-2750b-devices (CVE-2016-20017)
command injection in D-link dsl-2750b-devices (CVE-2016-20017). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-1671 KEV [KEV] Command Injection in Sophos web-appliance (CVE-2023-1671)
command injection in Sophos web-appliance (CVE-2023-1671). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-20887 KEV [KEV] Command Injection in Vmware aria-operations-for-networks (CVE-2023-20887)
command injection in Vmware aria-operations-for-networks (CVE-2023-20887). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-1389 KEV [KEV] Command Injection in Tp-link archer-ax21 (CVE-2023-1389)
command injection in Tp-link archer-ax21 (CVE-2023-1389). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-40765 KEV [KEV] Command Injection in Mitel mivoice-connect (CVE-2022-40765)
command injection in Mitel mivoice-connect (CVE-2022-40765). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-19949 KEV [KEV] Vulnerability in Qnap network-attached-storage-nas (CVE-2018-19949)
vulnerability in Qnap network-attached-storage-nas (CVE-2018-19949). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-6367 KEV [KEV] Command Injection in Cisco adaptive-security-appliance-asa (CVE-2016-6367)
command injection in Cisco adaptive-security-appliance-asa (CVE-2016-6367). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2010-5330 KEV [KEV] Command Injection in Ubiquiti airos (CVE-2010-5330)
command injection in Ubiquiti airos (CVE-2010-5330). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-2509 KEV [KEV] Command Injection in qnap (CVE-2020-2509)
command injection in qnap (CVE-2020-2509). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-1555 KEV [KEV] Command Injection in Netgear wireless-access-point-wap-devices (CVE-2016-1555)
command injection in Netgear wireless-access-point-wap-devices (CVE-2016-1555). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2015-2051 KEV [KEV] Command Injection in D-link dir-645-router (CVE-2015-2051)
command injection in D-link dir-645-router (CVE-2015-2051). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-0541 KEV [KEV] Command Injection in Microsoft mshtml (CVE-2019-0541)
command injection in Microsoft mshtml (CVE-2019-0541). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-22899 KEV [KEV] Command Injection in Ivanti pulse-connect-secure (CVE-2021-22899)
command injection in Ivanti pulse-connect-secure (CVE-2021-22899). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →