Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-77 Clear
ID Title
CVE-2025-60671 Command Injection in dlink (CVE-2025-60671)
command injection in dlink (CVE-2025-60671). Risk of unauthorized operations or information disclosure.
CVE-2025-60682 Command Injection in totolink (CVE-2025-60682)
command injection in totolink (CVE-2025-60682). Risk of unauthorized operations or information disclosure.
CVE-2025-60683 Command Injection in totolink (CVE-2025-60683)
command injection in totolink (CVE-2025-60683). Risk of unauthorized operations or information disclosure.
CVE-2025-60687 Command Injection in totolink (CVE-2025-60687)
command injection in totolink (CVE-2025-60687). Risk of unauthorized operations or information disclosure.
CVE-2025-60689 Command Injection in linksys (CVE-2025-60689)
command injection in linksys (CVE-2025-60689). Risk of unauthorized operations or information disclosure.
CVE-2025-60838 Command Injection in mingsoft (CVE-2025-60838)
command injection in mingsoft (CVE-2025-60838). Risk of unauthorized operations or information disclosure.
CVE-2025-4008 KEV [KEV] Vulnerability in Smartbedded meteobridge (CVE-2025-4008)
vulnerability in Smartbedded meteobridge (CVE-2025-4008). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-59689 KEV [KEV] Command Injection in Libraesva email-security-gateway (CVE-2025-59689)
command injection in Libraesva email-security-gateway (CVE-2025-59689). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-10035 KEV [KEV] Unsafe Deserialization in Fortra goanywhere-mft (CVE-2025-10035)
vulnerability in Fortra goanywhere-mft (CVE-2025-10035). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-57685 Command Injection in CVE-2025-57685 (CVE-2025-57685)
command injection in CVE-2025-57685 (CVE-2025-57685). Successful exploitation can lead to full system takeover.
CVE-2024-48705 Command Injection in wavlink (CVE-2024-48705)
command injection in wavlink (CVE-2024-48705). Risk of unauthorized operations or information disclosure.
CVE-2025-57105 Command Injection in dlink (CVE-2025-57105)
command injection in dlink (CVE-2025-57105). Successful exploitation can lead to full system takeover.
CVE-2020-25079 KEV [KEV] Command Injection in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25079)
command injection in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25079). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-25691 Command Injection in deserialization (CVE-2025-25691)
command injection in deserialization (CVE-2025-25691). Risk of unauthorized operations or information disclosure.
CVE-2025-25692 Command Injection in deserialization (CVE-2025-25692)
command injection in deserialization (CVE-2025-25692). Risk of unauthorized operations or information disclosure.
CVE-2025-45619 Command Injection in averusa (CVE-2025-45619)
command injection in averusa (CVE-2025-45619). Risk of unauthorized operations or information disclosure.
CVE-2016-10033 KEV [KEV] Command Injection in php (CVE-2016-10033)
command injection in php (CVE-2016-10033). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-52904 Command Injection in github.com/filebrowser/filebrowser/v2 (CVE-2025-52904)
command injection in github.com/filebrowser/filebrowser/v2 (CVE-2025-52904). Successful exploitation can lead to full system takeover. Exploitable via ``grep``. Mitigation: upgrade to `2.33.8` or later.
CVE-2025-45931 Command Injection in dlink (CVE-2025-45931)
command injection in dlink (CVE-2025-45931). Successful exploitation can lead to full system takeover.
CVE-2025-52903 Vulnerability in github.com/filebrowser/filebrowser/v2 (CVE-2025-52903)
vulnerability in github.com/filebrowser/filebrowser/v2 (CVE-2025-52903). Successful exploitation can lead to full system takeover. Exploitable via ``find``. Mitigation: upgrade to `2.33.10` or later.
CVE-2023-33538 KEV [KEV] Command Injection in Tp-link multiple-routers (CVE-2023-33538)
command injection in Tp-link multiple-routers (CVE-2023-33538). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-25504 Command Injection in niceforyou (CVE-2025-25504)
command injection in niceforyou (CVE-2025-25504). Risk of unauthorized operations or information disclosure.
CVE-2023-20118 KEV [KEV] Command Injection in Cisco small-business-rv-series-routers (CVE-2023-20118)
command injection in Cisco small-business-rv-series-routers (CVE-2023-20118). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-25802 Command Injection in seacms (CVE-2025-25802)
command injection in seacms (CVE-2025-25802). Data can be tampered with by attackers.
CVE-2025-25813 Command Injection in seacms (CVE-2025-25813)
command injection in seacms (CVE-2025-25813). Data can be tampered with by attackers.
CVE-2025-25791 Command Injection in yzncms (CVE-2025-25791)
command injection in yzncms (CVE-2025-25791). Risk of unauthorized operations or information disclosure.
CVE-2025-25792 Command Injection in seacms (CVE-2025-25792)
command injection in seacms (CVE-2025-25792). Risk of unauthorized operations or information disclosure.
CVE-2025-25793 Command Injection in seacms (CVE-2025-25793)
command injection in seacms (CVE-2025-25793). Data can be tampered with by attackers.
CVE-2025-25794 Command Injection in seacms (CVE-2025-25794)
command injection in seacms (CVE-2025-25794). Data can be tampered with by attackers.
CVE-2025-25796 Command Injection in seacms (CVE-2025-25796)
command injection in seacms (CVE-2025-25796). Data can be tampered with by attackers.
CVE-2025-25797 Command Injection in seacms (CVE-2025-25797)
command injection in seacms (CVE-2025-25797). Data can be tampered with by attackers.
CVE-2024-12251 Command Injection in telerik (CVE-2024-12251)
command injection in telerik (CVE-2024-12251). Successful exploitation can lead to full system takeover.
CVE-2024-48419 Command Injection in edimax (CVE-2024-48419)
command injection in edimax (CVE-2024-48419). Successful exploitation can lead to full system takeover.
CVE-2025-22912 Command Injection in edimax (CVE-2025-22912)
command injection in edimax (CVE-2025-22912). Successful exploitation can lead to full system takeover.
CVE-2024-12356 KEV [KEV] Command Injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12356)
command injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12356). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-9474 KEV [KEV] Command Injection in Palo alto networks palo-alto-networks (CVE-2024-9474)
command injection in Palo alto networks palo-alto-networks (CVE-2024-9474). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-10035 Command Injection in privilege-escalation (CVE-2024-10035)
command injection in privilege-escalation (CVE-2024-10035). Successful exploitation can lead to full system takeover.
CVE-2024-40089 Command Injection in viloliving (CVE-2024-40089)
command injection in viloliving (CVE-2024-40089). Successful exploitation can lead to full system takeover.
CVE-2024-9380 KEV [KEV] Command Injection in Ivanti cloud-services-appliance-csa (CVE-2024-9380)
command injection in Ivanti cloud-services-appliance-csa (CVE-2024-9380). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-46084 Command Injection in scriptcase (CVE-2024-46084)
command injection in scriptcase (CVE-2024-46084). Successful exploitation can lead to full system takeover.
CVE-2024-44570 Command Injection in relyum (CVE-2024-44570)
command injection in relyum (CVE-2024-44570). Successful exploitation can lead to full system takeover.
CVE-2024-44572 Command Injection in relyum (CVE-2024-44572)
command injection in relyum (CVE-2024-44572). Successful exploitation can lead to full system takeover.
CVE-2024-44574 Command Injection in relyum (CVE-2024-44574)
command injection in relyum (CVE-2024-44574). Successful exploitation can lead to full system takeover.
CVE-2024-44577 Command Injection in relyum (CVE-2024-44577)
command injection in relyum (CVE-2024-44577). Successful exploitation can lead to full system takeover.
CVE-2024-44916 Command Injection in seacms (CVE-2024-44916)
command injection in seacms (CVE-2024-44916). Successful exploitation can lead to full system takeover.
CVE-2024-35401 Command Injection in totolink (CVE-2024-35401)
command injection in totolink (CVE-2024-35401). Risk of unauthorized operations or information disclosure.
CVE-2024-35397 Command Injection in totolink (CVE-2024-35397)
command injection in totolink (CVE-2024-35397). Successful exploitation can lead to full system takeover.
CVE-2024-28328 Command Injection in CVE-2024-28328 (CVE-2024-28328)
command injection in CVE-2024-28328 (CVE-2024-28328). Risk of unauthorized operations or information disclosure.
CVE-2024-3400 KEV [KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3400)
vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3400). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-3273 KEV [KEV] Command Injection in D-link multiple-nas-devices (CVE-2024-3273)
command injection in D-link multiple-nas-devices (CVE-2024-3273). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →