Export limit exceeded: 19429 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19429 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22882 | 1 Deltaww | 1 Ispsoft | 2025-08-25 | 7.8 High |
| Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based buffer overflow vulnerability that could allow an attacker to leverage debugging logic to execute arbitrary code when parsing CBDGL file. | ||||
| CVE-2025-54133 | 2 Anysphere, Cursor | 2 Cursor, Cursor | 2025-08-25 | 9.6 Critical |
| Cursor is a code editor built for programming with AI. In versions 1.17 through 1.2, there is a UI information disclosure vulnerability in Cursor's MCP (Model Context Protocol) deeplink handler, allowing attackers to execute 2-click arbitrary system commands through social engineering attacks. When users click malicious `cursor://anysphere.cursor-deeplink/mcp/install` links, the installation dialog does not show the arguments being passed to the command being run. If a user clicks a malicious deeplink, then examines the installation dialog and clicks through, the full command including the arguments will be executed on the machine. This is fixed in version 1.3. | ||||
| CVE-2025-54136 | 2 Anysphere, Cursor | 2 Cursor, Cursor | 2025-08-25 | 7.2 High |
| Cursor is a code editor built for programming with AI. In versions 1.2.4 and below, attackers can achieve remote and persistent code execution by modifying an already trusted MCP configuration file inside a shared GitHub repository or editing the file locally on the target's machine. Once a collaborator accepts a harmless MCP, the attacker can silently swap it for a malicious command (e.g., calc.exe) without triggering any warning or re-prompt. If an attacker has write permissions on a user's active branches of a source repository that contains existing MCP servers the user has previously approved, or allows an attacker has arbitrary file-write locally, the attacker can achieve arbitrary code execution. This is fixed in version 1.3. | ||||
| CVE-2025-54135 | 2 Anysphere, Cursor | 2 Cursor, Cursor | 2025-08-25 | 8.6 High |
| Cursor is a code editor built for programming with AI. Cursor allows writing in-workspace files with no user approval in versions below 1.3.9, If the file is a dotfile, editing it requires approval but creating a new one doesn't. Hence, if sensitive MCP files, such as the .cursor/mcp.json file don't already exist in the workspace, an attacker can chain a indirect prompt injection vulnerability to hijack the context to write to the settings file and trigger RCE on the victim without user approval. This is fixed in version 1.3.9. | ||||
| CVE-2025-27392 | 1 Siemens | 2 Scalance Lpe9403, Scalance Lpe9403 Firmware | 2025-08-25 | 7.2 High |
| A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new VXLAN configurations. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device. | ||||
| CVE-2025-9340 | 1 Bouncycastle | 1 Legion-of-the-bouncy-castle-fips-java-api | 2025-08-24 | 5.9 Medium |
| Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bc-fips on All (API modules). This vulnerability is associated with program files org/bouncycastle/jcajce/provider/BaseCipher. This issue affects Bouncy Castle for Java: from BC-FJA 2.1.0 through 2.1.0. | ||||
| CVE-2025-3128 | 1 Mitsubishielectric | 1 Smartrtu | 2025-08-23 | 9.8 Critical |
| A remote unauthenticated attacker who has bypassed authentication could execute arbitrary OS commands to disclose, tamper with, destroy or delete information in Mitsubishi Electric smartRTU, or cause a denial-of service condition on the product. | ||||
| CVE-2025-57771 | 1 Roocode | 1 Roo-code | 2025-08-23 | 8.1 High |
| Roo Code is an AI-powered autonomous coding agent that lives in users' editors. In versions prior to 3.25.5, Roo-Code fails to properly handle process substitution and single ampersand characters in the command parsing logic for auto-execute commands. If a user has enabled auto-approved execution for a command such as ls, an attacker who can submit crafted prompts to the agent may inject arbitrary commands to be executed alongside the intended command. Exploitation requires attacker access to submit prompts and for the user to have enabled auto-approved command execution, which is disabled by default. This vulnerability could allow an attacker to execute arbitrary code. The issue is fixed in version 3.25.5. | ||||
| CVE-2010-20115 | 2 Arcane Software, Microsoft | 2 Vermillion Ftp Daemon, Windows | 2025-08-23 | N/A |
| Arcane Software’s Vermillion FTP Daemon (vftpd) versions up to and including 1.31 contains a memory corruption vulnerability triggered by a malformed FTP PORT command. The flaw arises from an out-of-bounds array access during input parsing, allowing an attacker to manipulate stack memory and potentially execute arbitrary code. Exploitation requires direct access to the FTP service and is constrained by a single execution attempt if the daemon is installed as a Windows service. | ||||
| CVE-2025-6181 | 2 Microsoft, Strongdm | 2 Windows, Sdm-cli | 2025-08-22 | N/A |
| The StrongDM Windows service incorrectly handled input validation. Authenticated attackers could potentially exploit this leading to privilege escalation. | ||||
| CVE-2025-6183 | 2 Apple, Strongdm | 2 Macos, Sdm-cli | 2025-08-22 | N/A |
| The StrongDM macOS client incorrectly processed JSON-formatted messages. Attackers could potentially modify macOS system configuration by crafting a malicious JSON message. | ||||
| CVE-2025-27393 | 1 Siemens | 2 Scalance Lpe9403, Scalance Lpe9403 Firmware | 2025-08-22 | 7.2 High |
| A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new users. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device. | ||||
| CVE-2025-27394 | 1 Siemens | 2 Scalance Lpe9403, Scalance Lpe9403 Firmware | 2025-08-22 | 7.2 High |
| A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new SNMP users. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device. | ||||
| CVE-2025-27398 | 1 Siemens | 2 Scalance Lpe9403, Scalance Lpe9403 Firmware | 2025-08-22 | 2.7 Low |
| A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly neutralize special characters when interpreting user controlled log paths. This could allow an authenticated highly-privileged remote attacker to execute a limited set of binaries that are already present on the filesystem. | ||||
| CVE-2025-53637 | 1 Meshtastic | 2 Firmware, Meshtastic Firmware | 2025-08-22 | 4.1 Medium |
| Meshtastic is an open source mesh networking solution. The main_matrix.yml GitHub Action is triggered by the pull_request_target event, which has extensive permissions, and can be initiated by an attacker who forked the repository and created a pull request. In the shell code execution part, user-controlled input is interpolated unsafely into the code. If this were to be exploited, attackers could inject unauthorized code into the repository. This vulnerability is fixed in 2.6.6. | ||||
| CVE-2025-50054 | 1 Openvpn | 1 Ovpn-dco-win | 2025-08-21 | 5.5 Medium |
| Buffer overflow in OpenVPN ovpn-dco-win version 1.3.0 and earlier and version 2.5.8 and earlier allows a local user process to send a too large control message buffer to the kernel driver resulting in a system crash | ||||
| CVE-2018-25032 | 13 Apple, Azul, Debian and 10 more | 47 Mac Os X, Macos, Zulu and 44 more | 2025-08-21 | 7.5 High |
| zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | ||||
| CVE-2024-4507 | 1 Ruijie | 55 Rg-uac, Rg-uac 6000-cc, Rg-uac 6000-cc Firmware and 52 more | 2025-08-21 | 4.7 Medium |
| A vulnerability was found in Ruijie RG-UAC up to 20240428 and classified as critical. This issue affects some unknown processing of the file /view/IPV6/ipv6StaticRoute/static_route_add_ipv6.php. The manipulation of the argument text_prefixlen/text_gateway/devname leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-263111. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-4255 | 1 Ruijie | 55 Rg-uac, Rg-uac 6000-cc, Rg-uac 6000-cc Firmware and 52 more | 2025-08-21 | 4.7 Medium |
| A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240419. This issue affects some unknown processing of the file /view/network Config/GRE/gre_edit_commit.php. The manipulation of the argument name leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-262145 was assigned to this vulnerability. | ||||
| CVE-2024-4508 | 1 Ruijie | 55 Rg-uac, Rg-uac 6000-cc, Rg-uac 6000-cc Firmware and 52 more | 2025-08-21 | 4.7 Medium |
| A vulnerability was found in Ruijie RG-UAC up to 20240428. It has been classified as critical. Affected is an unknown function of the file /view/IPV6/ipv6StaticRoute/static_route_edit_ipv6.php. The manipulation of the argument oldipmask/oldgateway/olddevname leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263112. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||