165 matches found
EUVD-2024-50278
Malicious code in bioql PyPI...
EUVD-2025-25251
Malicious code in bioql PyPI...
EUVD-2024-16121
Malicious code in bioql PyPI...
CVE-2025-10767
A vulnerability was detected in CosmodiumCS OnlyRAT up to 3.2. The affected element is the function connect/remoteupload/remotedownload of the file main.py of the component Configuration File Handler. The manipulation of the argument configuration"PASSWORD" results in os command injection. The...
PT-2025-38667
Name of the Vulnerable Software and Affected Versions CosmodiumCS OnlyRAT versions prior to 3.3 Description A vulnerability exists in CosmodiumCS OnlyRAT. The connect/remote upload/remote download function within the main.py file of the Configuration File Handler component is affected. Manipulati...
CVE-2025-9176
A security flaw has been discovered in neurobin shc up to 4.0.3. Impacted is the function make of the file src/shc.c of the component Environment Variable Handler. The manipulation results in os command injection. The attack is only possible with local access. The exploit has been released to the...
CVE-2025-9176
CVE-2025-9176 affects neurobin shc up to version 4.0.3. The vulnerability is in the Environment Variable Handler, specifically the make function in src/shc.c, enabling local OS command injection. Exploitation requires local access, and public exploits/ PoC are mentioned in multiple sources. Remed...
CVE-2025-9174
A vulnerability was determined in neurobin shc up to 4.0.3. This vulnerability affects the function make of the file src/shc.c of the component Filename Handler. Executing manipulation can lead to os command injection. The attack can only be executed locally. The exploit has been publicly disclos...
CVE-2025-9174 neurobin shc Filename shc.c make os command injection
A vulnerability was determined in neurobin shc up to 4.0.3. This vulnerability affects the function make of the file src/shc.c of the component Filename Handler. Executing manipulation can lead to os command injection. The attack can only be executed locally. The exploit has been publicly disclos...
CVE-2025-9174 neurobin shc Filename shc.c make os command injection
A vulnerability was determined in neurobin shc up to 4.0.3. This vulnerability affects the function make of the file src/shc.c of the component Filename Handler. Executing manipulation can lead to os command injection. The attack can only be executed locally. The exploit has been publicly disclos...
PT-2025-33886 · Unknown · Neurobin Shc
Name of the Vulnerable Software and Affected Versions: neurobin shc versions through 4.0.3 Description: A security flaw has been discovered in the Environment Variable Handler component of neurobin shc. The make function within the src/shc.c file is affected, resulting in operating system command...
Linux Distros Unpatched Vulnerability : CVE-2025-1369
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as critical was found in MicroWord eScan Antivirus 7.0.32 on Linux. Affected by this vulnerability is an unknown functionality of the...
NewStart CGSL MAIN 7.02 : emacs Multiple Vulnerabilities (NS-SA-2025-0115)
The remote NewStart CGSL host, running version MAIN 7.02, has emacs packages installed that are affected by multiple vulnerabilities: - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C...
CVE-2025-7883
A vulnerability classified as critical has been found in Eluktronics Control Center 5.23.51.41. Affected is an unknown function of the file \AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to command injection. Attacking locally is a...
CVE-2023-3097
A vulnerability was found in KylinSoft kylin-software-properties on KylinOS. It has been rated as critical. This issue affects the function setMainSource. The manipulation leads to os command injection. Local access is required to approach this attack. The exploit has been disclosed to the public...
CVE-2023-2091
A vulnerability classified as critical was found in KylinSoft youker-assistant on KylinOS. Affected by this vulnerability is the function adjustcpufreqscalinggoverner. The manipulation leads to os command injection. It is possible to launch the attack on the local host. The exploit has been...
Linux Distros Unpatched Vulnerability : CVE-2022-48338
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The...
Dell ThinOS 命令注入漏洞
Dell ThinOS is a client operating system from the American company Dell. A command injection vulnerability exists in Dell ThinOS version 2408, which stems from improper neutralization of special elements, and can be exploited by an attacker with local access rights to cause command execution...
CVE-2024-9145
Wiz Code Visual Studio Code extension in versions 1.0.0 up to 1.5.3 and Wiz legacy Visual Studio Code extension in versions 0.13.0 up to 0.17.8 are vulnerable to local command injection if the user opens a maliciously crafted Dockerfile located in a path that has been marked as a "trusted folder"...
CVE-2024-9145 Local command injection in Wiz Code Visual Studio Code extension
Wiz Code Visual Studio Code extension in versions 1.0.0 up to 1.5.3 and Wiz legacy Visual Studio Code extension in versions 0.13.0 up to 0.17.8 are vulnerable to local command injection if the user opens a maliciously crafted Dockerfile located in a path that has been marked as a "trusted folder"...