225 matches found
SolarView 6.00 - Remote Command Execution
SolarView Compact 6.00 is vulnerable to a command injection via networktest.php. id: CVE-2022-40881 info: name: SolarView 6.00 - Remote Command Execution author: For3stCo1d severity: critical description: | SolarView Compact 6.00 is vulnerable to a command injection via networktest.php. impact: |...
TOTOLINK A3700R - Command Injection
An issue in TOTOLINK A3700R v.9.1.2u.616520211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function. id: CVE-2023-46574 info: name: TOTOLINK A3700R - Command Injection author: DhiyaneshDk severity: critical description: | An issue in...
Western Digital MyCloud NAS - Command Injection
Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/googleanalytics.php URL via a modified arg parameter in the POST data. id: CVE-2016-10108 info: name: Western Digital MyCloud NAS - Command Injection author: DhiyaneshDk severity: critical...
CVE-2025-68926
RustFS is a distributed object storage system built in Rust. In versions prior to 1.0.0-alpha.78, RustFS implements gRPC authentication using a hardcoded static token "rustfs rpc" that is publicly exposed in the source code repository, hardcoded on both client and server sides, non-configurable...
CVE-2025-68926
CVE-2025-68926 – RustFS hardcoded gRPC token authentication bypass . Affected RustFS versions prior to 1.0.0-alpha.78 expose a publicly visible hardcoded token, “rustfs rpc”, used for gRPC authentication on both client and server. The token is non-configurable and identical across deployments, en...
CVE-2025-68926 RustFS has a gRPC Hardcoded Token Authentication Bypass
RustFS is a distributed object storage system built in Rust. In versions prior to 1.0.0-alpha.78, RustFS implements gRPC authentication using a hardcoded static token "rustfs rpc" that is publicly exposed in the source code repository, hardcoded on both client and server sides, non-configurable...
CVE-2025-68926 RustFS has a gRPC Hardcoded Token Authentication Bypass
RustFS is a distributed object storage system built in Rust. In versions prior to 1.0.0-alpha.78, RustFS implements gRPC authentication using a hardcoded static token "rustfs rpc" that is publicly exposed in the source code repository, hardcoded on both client and server sides, non-configurable...
[SECURITY] Fedora 43 Update: brotli-1.2.0-1.fc43
Brotli is a generic-purpose lossless compression algorithm that compresses da ta using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the be st currently available general-purpose compression methods. ...
Malicious code in hariyono-77 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29d4c3eda6b2a29c068aa8b9dceb4af1fc8cfe98fb3d3ddfd2d3b88bc0d6c288 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in alvira-77 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d55e6ecc47c30ab19f59b280c495c0cf459f7fca3fcc3cd7086d4ba7d2cc10a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in billa-77 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a86426e39463ea719240dc1424bcca870783f96fb7c339373f8d7b3cdaa675d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in aril-77 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fb72ce415cfe23952cf69b25239fe0918cdbc1d23c11bec56aec8b2cdc8c418 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in alvino-77 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 620e970886fd007eba5d49d01b472db10a5943f9f3398d058c5b96399fa22a08 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in kentung-77 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 435c587df5676d0710608509372d0e6e2867eef1adc17e718ecd7cc16186d412 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rita-77 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d50b4cbdc3fc2f3ddef9745dcc1b1935452db34328cfa924f0b31bed00672b50 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-157561 Malicious code in kentung-77 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 435c587df5676d0710608509372d0e6e2867eef1adc17e718ecd7cc16186d412 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-153730 Malicious code in billa-77 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a86426e39463ea719240dc1424bcca870783f96fb7c339373f8d7b3cdaa675d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-152438 Malicious code in alvino-77 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 620e970886fd007eba5d49d01b472db10a5943f9f3398d058c5b96399fa22a08 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-152520 Malicious code in alvira-77 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d55e6ecc47c30ab19f59b280c495c0cf459f7fca3fcc3cd7086d4ba7d2cc10a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-153877 Malicious code in bitha-77 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6c633cca96ab31064e79577677a85a343024b2cd391a8b09119191162cd885e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...