33 matches found
EUVD-2017-9550
Malware in sbrugna...
EUVD-2020-25610
Malware in sbrugna...
EUVD-2020-25948
Malware in sbrugna...
EUVD-2016-5939
Malware in sbrugna...
EUVD-2019-7281
Malware in sbrugna...
EUVD-2017-8486
Malware in sbrugna...
EUVD-2019-3359
Malware in sbrugna...
EUVD-2017-12990
Malware in sbrugna...
CVE-2012-10041
WAN Emulator v2.3 contains two unauthenticated command execution vulnerabilities. The result.php script passes unsanitized input from the pc POST parameter to shell_exec(), allowing remote command execution as the www-data user. Additionally, a SUID-root binary named dosu is vulnerable to command...
PT-2025-32053 · Kenwood · Kenwood Dmx958Xr
Name of the Vulnerable Software and Affected Versions: Kenwood DMX958XR affected versions not specified Description: This issue allows physically present attackers to execute arbitrary code on affected Kenwood DMX958XR devices without authentication. The flaw resides in the firmware update proces...
CVE-2025-46093
LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 setuid and setgid, which allows FTPDrop users to execute arbitrary code as root by leveraging the Actionscript feature and the sudoers configuration...
NewStart CGSL MAIN 7.02 : cups Multiple Vulnerabilities (NS-SA-2025-0113)
The remote NewStart CGSL host, running version MAIN 7.02, has cups packages installed that are affected by multiple vulnerabilities: - Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow a...
CVE-2023-22598
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'. An unauthorized user with privileged access to the...
CVE-2017-18463
cPanel before 62.0.17 allows code execution in the context of the root account via a long DocumentRoot path SEC-225...
CVE-2025-26389
A vulnerability has been identified in OZW672 All versions V8.0, OZW772 All versions V8.0. The web service in affected devices does not sanitize the input parameters required for the exportDiagramPage endpoint. This could allow an unauthenticated remote attacker to execute arbitrary code with roo...
CVE-2025-28201
An issue in Victure RX1800 ENV1.0.0r12110933 allows physically proximate attackers to execute arbitrary code or gain root access...
Vulnerabilities fixed in F5 BIG-IP
F5 has fixed vulnerabilities in BIG-IP. A malicious party could exploit the vulnerabilities to launch attacks that could lead to the following categories of damage: - Denial-of-Service DoS. - Circumvention of a security measure - Execution of arbitrary code Root/admin - Execution of arbitrary cod...
CVE-2022-28743
Time-of-check Time-of-use TOCTOU Race Condition vulerability in Foscam R2C IP camera running System FW = 1.13.1.6, and Application FW = 2.91.2.66, allows an authenticated remote attacker with administrator permissions to execute arbitrary remote code via a malicious firmware patch. The impact of...
CVE-2024-7589 OpenSSH pre-authentication async signal safety issue
A signal handler in sshd8 may call a logging function that is not async-signal-safe. The signal handler is invoked when a client does not authenticate within the LoginGraceTime seconds 120 by default. This signal handler executes in the context of the sshd8's privileged code, which is not sandbox...
CVE-2023-48257
The vulnerability allows a remote attacker to access sensitive data inside exported packages or obtain up to Remote Code Execution RCE with root privileges on the device. The vulnerability can be exploited directly by authenticated users, via crafted HTTP requests, or indirectly by unauthenticate...