Search

Search Results (364258 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-29955 1 Cloudark 1 Kubeplus 2026-06-17 8.8 High
The `/registercrd` endpoint in KubePlus 4.14 in the kubeconfiggenerator component is vulnerable to command injection. The component uses `subprocess.Popen()` with `shell=True` parameter to execute shell commands, and the user-supplied `chartName` parameter is directly concatenated into the command string without any sanitization or validation. An attacker can inject arbitrary shell commands by crafting a malicious `chartName` parameter value.
CVE-2026-41015 1 Radare 1 Radare2 2026-06-17 7.4 High
radare2 before 9236f44, when configured on UNIX without SSL, allows command injection via a PDB name to rabin2 -PP. NOTE: although users are supposed to use the latest version from git (not a release), the date range for the vulnerable code was less than a week, occurring after 6.1.2 but before 6.1.3.
CVE-2026-26943 1 Dell 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dp Series Appliance 2026-06-17 7.2 High
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an OS command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.
CVE-2026-22761 1 Dell 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dp Series Appliance 2026-06-17 6.7 Medium
Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain a command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.
CVE-2026-38835 1 Tenda 2 W30e, W30e Firmware 2026-06-17 9.8 Critical
Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the formSetUSBPartitionUmount function via the usbPartitionName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVE-2026-36983 1 Dlink 2 Dcs-932l, Dcs-932l Firmware 2026-06-17 7.3 High
D-Link DCS-932L v2.18.01 is vulnerable to Command Injection in the function sub_42EF14 of the file /bin/alphapd. The manipulation of the argument LightSensorControl leads to command injection.
CVE-2026-35506 1 Elecom 4 Wrc-be65qsd-b, Wrc-be72xsd-b, Wrc-be72xsd-ba and 1 more 2026-06-17 N/A
ELECOM wireless LAN access point devices contain an OS command injection vulnerability in processing of ping_ip_addr parameter. If processing a crafted request sent by a logged-in user, an arbitrary OS command may be executed.
CVE-2026-42062 1 Elecom 4 Wrc-be65qsd-b, Wrc-be72xsd-b, Wrc-be72xsd-ba and 1 more 2026-06-17 N/A
ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required.
CVE-2026-39054 1 Oinone 1 Pamirs 2026-06-17 7.3 High
Oinone Pamirs 7.0.0 contains a command injection vulnerability in CommandHelper.executeCommands. The method starts a shell process and writes attacker-controlled command strings directly to the process standard input without sanitization. In affected deployments, this can result in arbitrary operating system command execution.
CVE-2026-38065 2026-06-17 9.8 Critical
Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_ims_on_with_apn via the ims_apn parameter.
CVE-2026-0628 1 Google 1 Chrome 2026-06-17 8.8 High
Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)
CVE-2026-20759 1 Toa Corporation 1 Trifora 3 Series 2026-06-17 N/A
OS Command Injection vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation, which may allow a logged-in user with the low("monitoring user") or higher privilege to execute an arbitrary OS command.
CVE-2026-24788 1 Raspap 1 Raspap-webgui 2026-06-17 N/A
RaspAP raspap-webgui versions prior to 3.3.6 contain an OS command injection vulnerability. If exploited, an arbitrary OS command may be executed by a user who can log in to the product.
CVE-2026-25616 2 Blesta, Phillipsdata 2 Blesta, Blesta 2026-06-17 4.7 Medium
Blesta 3.x through 5.x before 5.13.3 mishandles input validation, aka CORE-5665.
CVE-2026-46173 1 Linux 1 Linux Kernel 2026-06-17 7.8 High
In the Linux kernel, the following vulnerability has been resolved: exit: prevent preemption of oopsing TASK_DEAD task When an already-exiting task oopses, make_task_dead() currently calls do_task_dead() with preemption enabled. That is forbidden: do_task_dead() calls __schedule(), which has a comment saying "WARNING: must be called with preemption disabled!". If an oopsing task is preempted in do_task_dead(), between becoming TASK_DEAD and entering the scheduler explicitly, bad things happen: finish_task_switch() assumes that once the scheduler has switched away from a TASK_DEAD task, the task can never run again and its stack is no longer needed; but that assumption apparently doesn't hold if the dead task was preempted (the SM_PREEMPT case). This means that the scheduler ends up repeatedly dropping references on the dead task's stack, which can lead to use-after-free or double-free of the entire task stack; in other words, two tasks can end up running on the same stack, resulting in various kinds of memory corruption. (This does not just affect "recursively oopsing" tasks; it is enough to oops once during task exit, for example in a file_operations::release handler)
CVE-2023-40132 1 Google 1 Android 2026-06-17 7.8 High
In setActualDefaultRingtoneUri of RingtoneManager.java, there is a possible way to bypass content providers read permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2023-40108 1 Google 1 Android 2026-06-17 5.5 Medium
In multiple locations, there is a possible way to access media content belonging to another user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-41276 2 Waterfall, Waterfall-security 3 Wf-500, Wf-500, Wf-500 Firmware 2026-06-17 9.8 Critical
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating system commands on the device.
CVE-2026-36933 2026-06-17 6.8 Medium
An issue in Boyleep K11, y108 firmware v.2.3.0.11291 allows a physically proximate attacker to execute arbitrary code via the factory test feature.
CVE-2026-12398 1 Redhat 1 Ansible Automation Platform 2026-06-17 7.5 High
A command injection vulnerability was found in galaxy_ng. The do_git_checkout() function in the legacy role import API (v1) interpolates unsanitized git ref names (branch/tag names) into shell commands executed via subprocess.run() with shell=True. An authenticated user who controls a git repository can create a branch or tag with shell metacharacters in the name to achieve remote code execution on the pulp worker. The vulnerable endpoint is only reachable when GALAXY_ENABLE_LEGACY_ROLES is set to True, which is not the default configuration.