Latest CVE Feed
-
0.0
NACVE-2025-56110
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_deal_update in file /usr/lib/lua/luci/controller/api/rcmsAPI.lua.... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
0.0
NACVE-2025-56109
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_wireless in file /usr/lib/lua/luci/control/admin/wireless.lua.... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
0.0
NACVE-2025-56108
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua.... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
0.0
NACVE-2025-56107
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the submit_wifi in file /usr/lib/lua/luci/controller/admin/common_quick_config.lua.... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
0.0
NACVE-2025-56106
OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua.... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
0.0
NACVE-2025-56102
OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
0.0
NACVE-2025-56101
OS Command Injection vulnerability in Ruijie M18 EW_3.0(1)B11P226_M18_10223116 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
0.0
NACVE-2025-56099
OS Command Injection vulnerability in Ruijie RG-YST AP_3.0(1)B11P280YST250F allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua.... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
0.0
NACVE-2025-56098
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
0.0
NACVE-2025-56097
OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_EW1800GX-PRO_10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua.... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
0.0
NACVE-2025-56096
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the restart_modules in file /usr/lib/lua/luci/controller/admin/common.lua.... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
0.0
NACVE-2025-56095
OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua.... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
0.0
NACVE-2025-56094
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/host_access_delay.lua.... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
0.0
NACVE-2025-56093
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the setWisp in file /usr/lib/lua/luci/modules/wireless.lua.... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
0.0
NACVE-2025-56092
OS Command Injection vulnerability in Ruijie X30 PRO V1 X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
10.0
HIGHCVE-2025-14534
A vulnerability was determined in UTT 进取 512W up to 3.1.7.7-171114. This impacts the function strcpy of the file /goform/formNatStaticMap of the component Endpoint. Executing manipulation of the argument NatBind can lead to buffer overflow. The attack can... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Memory Corruption
-
5.3
MEDIUMCVE-2025-14531
A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. T... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
9.1
CRITICALCVE-2025-13780
pgAdmin versions up to 9.10 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on t... Read more
Affected Products :- Published: Dec. 11, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
8.7
HIGHCVE-2024-58283
WBCE CMS version 1.6.2 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the Elfinder file manager. Attackers can exploit the file upload functionality in the elfinder connector to upl... Read more
Affected Products :- Published: Dec. 10, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection
-
8.6
HIGHCVE-2024-58282
Serendipity 2.5.0 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the media upload functionality. Attackers can exploit the file upload mechanism by creating a PHP shell with a ... Read more
Affected Products : serendipity- Published: Dec. 10, 2025
- Modified: Dec. 11, 2025
- Vuln Type: Injection