Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-60671 |
|
Command Injection in dlink (CVE-2025-60671)
command injection in dlink (CVE-2025-60671). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60682 |
|
Command Injection in totolink (CVE-2025-60682)
command injection in totolink (CVE-2025-60682). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60683 |
|
Command Injection in totolink (CVE-2025-60683)
command injection in totolink (CVE-2025-60683). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60687 |
|
Command Injection in totolink (CVE-2025-60687)
command injection in totolink (CVE-2025-60687). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60689 |
|
Command Injection in linksys (CVE-2025-60689)
command injection in linksys (CVE-2025-60689). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60838 |
|
Command Injection in mingsoft (CVE-2025-60838)
command injection in mingsoft (CVE-2025-60838). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-4008 KEV |
|
[KEV] Vulnerability in Smartbedded meteobridge (CVE-2025-4008)
vulnerability in Smartbedded meteobridge (CVE-2025-4008). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-59689 KEV |
|
[KEV] Command Injection in Libraesva email-security-gateway (CVE-2025-59689)
command injection in Libraesva email-security-gateway (CVE-2025-59689). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-10035 KEV |
|
[KEV] Unsafe Deserialization in Fortra goanywhere-mft (CVE-2025-10035)
vulnerability in Fortra goanywhere-mft (CVE-2025-10035). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-57685 |
|
Command Injection in CVE-2025-57685 (CVE-2025-57685)
command injection in CVE-2025-57685 (CVE-2025-57685). Successful exploitation can lead to full system takeover.
|
| CVE-2024-48705 |
|
Command Injection in wavlink (CVE-2024-48705)
command injection in wavlink (CVE-2024-48705). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-57105 |
|
Command Injection in dlink (CVE-2025-57105)
command injection in dlink (CVE-2025-57105). Successful exploitation can lead to full system takeover.
|
| CVE-2020-25079 KEV |
|
[KEV] Command Injection in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25079)
command injection in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25079). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-25691 |
|
Command Injection in deserialization (CVE-2025-25691)
command injection in deserialization (CVE-2025-25691). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-25692 |
|
Command Injection in deserialization (CVE-2025-25692)
command injection in deserialization (CVE-2025-25692). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-45619 |
|
Command Injection in averusa (CVE-2025-45619)
command injection in averusa (CVE-2025-45619). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-10033 KEV |
|
[KEV] Command Injection in php (CVE-2016-10033)
command injection in php (CVE-2016-10033). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-52904 |
|
Command Injection in github.com/filebrowser/filebrowser/v2 (CVE-2025-52904)
command injection in github.com/filebrowser/filebrowser/v2 (CVE-2025-52904). Successful exploitation can lead to full system takeover. Exploitable via ``grep``. Mitigation: upgrade to `2.33.8` or later.
|
| CVE-2025-45931 |
|
Command Injection in dlink (CVE-2025-45931)
command injection in dlink (CVE-2025-45931). Successful exploitation can lead to full system takeover.
|
| CVE-2025-52903 |
|
Vulnerability in github.com/filebrowser/filebrowser/v2 (CVE-2025-52903)
vulnerability in github.com/filebrowser/filebrowser/v2 (CVE-2025-52903). Successful exploitation can lead to full system takeover. Exploitable via ``find``. Mitigation: upgrade to `2.33.10` or later.
|
| CVE-2023-33538 KEV |
|
[KEV] Command Injection in Tp-link multiple-routers (CVE-2023-33538)
command injection in Tp-link multiple-routers (CVE-2023-33538). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-25504 |
|
Command Injection in niceforyou (CVE-2025-25504)
command injection in niceforyou (CVE-2025-25504). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-20118 KEV |
|
[KEV] Command Injection in Cisco small-business-rv-series-routers (CVE-2023-20118)
command injection in Cisco small-business-rv-series-routers (CVE-2023-20118). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-25802 |
|
Command Injection in seacms (CVE-2025-25802)
command injection in seacms (CVE-2025-25802). Data can be tampered with by attackers.
|
| CVE-2025-25813 |
|
Command Injection in seacms (CVE-2025-25813)
command injection in seacms (CVE-2025-25813). Data can be tampered with by attackers.
|
| CVE-2025-25791 |
|
Command Injection in yzncms (CVE-2025-25791)
command injection in yzncms (CVE-2025-25791). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-25792 |
|
Command Injection in seacms (CVE-2025-25792)
command injection in seacms (CVE-2025-25792). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-25793 |
|
Command Injection in seacms (CVE-2025-25793)
command injection in seacms (CVE-2025-25793). Data can be tampered with by attackers.
|
| CVE-2025-25794 |
|
Command Injection in seacms (CVE-2025-25794)
command injection in seacms (CVE-2025-25794). Data can be tampered with by attackers.
|
| CVE-2025-25796 |
|
Command Injection in seacms (CVE-2025-25796)
command injection in seacms (CVE-2025-25796). Data can be tampered with by attackers.
|
| CVE-2025-25797 |
|
Command Injection in seacms (CVE-2025-25797)
command injection in seacms (CVE-2025-25797). Data can be tampered with by attackers.
|
| CVE-2024-12251 |
|
Command Injection in telerik (CVE-2024-12251)
command injection in telerik (CVE-2024-12251). Successful exploitation can lead to full system takeover.
|
| CVE-2024-48419 |
|
Command Injection in edimax (CVE-2024-48419)
command injection in edimax (CVE-2024-48419). Successful exploitation can lead to full system takeover.
|
| CVE-2025-22912 |
|
Command Injection in edimax (CVE-2025-22912)
command injection in edimax (CVE-2025-22912). Successful exploitation can lead to full system takeover.
|
| CVE-2024-12356 KEV |
|
[KEV] Command Injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12356)
command injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12356). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-9474 KEV |
|
[KEV] Command Injection in Palo alto networks palo-alto-networks (CVE-2024-9474)
command injection in Palo alto networks palo-alto-networks (CVE-2024-9474). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-10035 |
|
Command Injection in privilege-escalation (CVE-2024-10035)
command injection in privilege-escalation (CVE-2024-10035). Successful exploitation can lead to full system takeover.
|
| CVE-2024-40089 |
|
Command Injection in viloliving (CVE-2024-40089)
command injection in viloliving (CVE-2024-40089). Successful exploitation can lead to full system takeover.
|
| CVE-2024-9380 KEV |
|
[KEV] Command Injection in Ivanti cloud-services-appliance-csa (CVE-2024-9380)
command injection in Ivanti cloud-services-appliance-csa (CVE-2024-9380). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-46084 |
|
Command Injection in scriptcase (CVE-2024-46084)
command injection in scriptcase (CVE-2024-46084). Successful exploitation can lead to full system takeover.
|
| CVE-2024-44570 |
|
Command Injection in relyum (CVE-2024-44570)
command injection in relyum (CVE-2024-44570). Successful exploitation can lead to full system takeover.
|
| CVE-2024-44572 |
|
Command Injection in relyum (CVE-2024-44572)
command injection in relyum (CVE-2024-44572). Successful exploitation can lead to full system takeover.
|
| CVE-2024-44574 |
|
Command Injection in relyum (CVE-2024-44574)
command injection in relyum (CVE-2024-44574). Successful exploitation can lead to full system takeover.
|
| CVE-2024-44577 |
|
Command Injection in relyum (CVE-2024-44577)
command injection in relyum (CVE-2024-44577). Successful exploitation can lead to full system takeover.
|
| CVE-2024-44916 |
|
Command Injection in seacms (CVE-2024-44916)
command injection in seacms (CVE-2024-44916). Successful exploitation can lead to full system takeover.
|
| CVE-2024-35401 |
|
Command Injection in totolink (CVE-2024-35401)
command injection in totolink (CVE-2024-35401). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-35397 |
|
Command Injection in totolink (CVE-2024-35397)
command injection in totolink (CVE-2024-35397). Successful exploitation can lead to full system takeover.
|
| CVE-2024-28328 |
|
Command Injection in CVE-2024-28328 (CVE-2024-28328)
command injection in CVE-2024-28328 (CVE-2024-28328). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-3400 KEV |
|
[KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3400)
vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3400). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-3273 KEV |
|
[KEV] Command Injection in D-link multiple-nas-devices (CVE-2024-3273)
command injection in D-link multiple-nas-devices (CVE-2024-3273). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|