113 matches found
EUVD-2026-29030
A security flaw has been discovered in D-Link DNS-320 2.06B01. This affects the function delete/rename/copy/move/chmod/chown of the file /cgi-bin/webfilemgr.cgi. The manipulation results in os command injection. The attack may be performed from remote. The exploit has been released to the public...
CVE-2026-27673 Missing Authorization Check in SAP S/4HANA (Private Cloud and On-Premise)
Due to a missing authorization check, SAP S/4HANA Private Cloud and On-Premise allows an authenticated user to delete files on the operating system and gain unauthorized control over file operations which could leads to no impact on Confidentiality, Low impact on Integrity and Availability of the...
Fickling has safety check bypass via REDUCE+BUILD opcode sequence
Assessment It is believed that the analysis pass works as intended, REDUCE and BUILD are not at fault here. The few potentially unsafe modules have been added to the blocklist https://github.com/trailofbits/fickling/commit/0c4558d950daf70e134090573450ddcedaf10400. Original report Summary All 5 of...
CVE-2026-23205
In the Linux kernel, the following vulnerability has been resolved: smb/client: fix memory leak in smb2openfile Reproducer: 1. server: directories are exported read-only 2. client: mount -t cifs //$serverip/export /mnt 3. client: dd if=/dev/zero of=/mnt/file bs=512 count=1000 oflag=direct 4...
CVE-2026-23205
The CVE-2026-23205 entry describes a memory leak in the Linux kernel SMB/CIFS client (smb2_open_file()). The provided reproducer shows a scenario with a read-only CIFS export, client mount, and module removal that triggers a leak during cleanup of SMB request buffers, leading to a kmem_cache leak...
GO-2026-4415 Alist vulnerable to Path Traversal in multiple file operation handlers in github.com/alist-org/alist
Alist vulnerable to Path Traversal in multiple file operation handlers in github.com/alist-org/alist...
CVE-2025-14500
IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IceWarp. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling o...
EUVD-2025-205006
IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IceWarp. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling o...
CVE-2025-14500
IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IceWarp. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling o...
CVE-2025-14500 IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability
IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IceWarp. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling o...
CVE-2025-14500 IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability
IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IceWarp. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling o...
CVE-2025-14500
IceWarp14 is affected by a remote code execution vulnerability in the X-File-Operation header handling. The flaw stems from insufficient validation of a user-supplied string used to invoke a system call, allowing an attacker to execute code in the context of SYSTEM without authentication. This is...
IceWarp 操作系统命令注入漏洞
IceWarp is an integrated enterprise communication and collaboration platform from IceWarp, a Czech company, designed to provide organizations with a variety of tools and features to support internal and external communication, collaboration and business processes. IceWarp suffers from an operatin...
PT-2025-50579
Name of the Vulnerable Software and Affected Versions IceWarp versions prior to 9.14.2.0.9 Description This issue is a command injection flaw in the handling of the X-File-Operation header. It allows remote attackers to execute arbitrary code on affected IceWarp installations without...
IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IceWarp. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the X-File-Operation header. The issue results from the lack of proper validatio...
EUVD-2010-1788
Malware in sbrugna...
EUVD-2017-9504
Malware in sbrugna...
EUVD-2009-4786
Malware in sbrugna...
EUVD-2021-0942
Malware in sbrugna...
EUVD-2020-2263
Malware in sbrugna...