Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
shell vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-33343
D-Link DIR-822+ V1.0.5 was found to contain a command injection in ChgSambaUserSettings function of prog.cgi, which allows remote malicious users to execute arbitrary commands via shell.
NA
CVE-2024-33344
D-Link DIR-822+ V1.0.5 was found to contain a command injection in ftext function of upload_firmware.cgi, which allows remote malicious users to execute arbitrary commands via shell.
NA
CVE-2024-4163
The Skylab IGX IIoT Gateway allowed users to connect to it via a limited shell terminal (IGX). However, it exists that the process was running under root privileges. This allowed the malicious user to read, write, and modify any file in the operating system by utilizing the limit...
NA
CVE-2024-32651
changedetection.io is an open source web page change detection, website watcher, restock monitor and notification service. There is a Server Side Template Injection (SSTI) in Jinja2 that allows Remote Command Execution on the server host. Attackers can run any system command with...
NA
CVE-2023-31090
Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows Upload a Web Shell to a Web Server.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): ...
NA
CVE-2024-32653
jadx is a Dex to Java decompiler. Prior to version 1.5.0, the package name is not filtered before concatenation. This can be exploited to inject arbitrary code into the package name. The vulnerability allows an malicious user to execute commands with shell privileges. Version 1.5...
NA
CVE-2023-38290
Certain software builds for the BLU View 2 and Sharp Rouvo V Android devices contain a vulnerable pre-installed app with a package name of com.evenwell.fqc (versionCode='9020801', versionName='9.0208.01' ; versionCode='9020913', versionName='9.0...
NA
CVE-2023-38294
Certain software builds for the Itel Vision 3 Turbo Android device contain a vulnerable pre-installed app with a package name of com.transsion.autotest.factory (versionCode='7', versionName='1.8.0(220310_1027)') that allows local third-party apps to execute ar...
6.8
CVSSv3
CVE-2023-40146
A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials a...
NA
CVE-2023-52711
A Huawei PC product has a vulnerability in improper interface access control. Successful exploitation of this vulnerability may cause SMM leaks. Attackers can exploit this vulnerability to boot the UEFI shell and cause memory leaks.(Vulnerability ID:HWPSIRT-2023-64955) This vulne...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »