1086 matches found
EUVD-2024-48171
Malicious code in bioql PyPI...
EUVD-2023-58635
Malicious code in bioql PyPI...
EUVD-2024-51148
Malicious code in bioql PyPI...
EUVD-2024-54134
Malicious code in bioql PyPI...
EUVD-2023-32770
Malicious code in bioql PyPI...
EUVD-2021-9793
Malicious code in bioql PyPI...
CVE-2025-59736 Multiple vulnerabilities in AndSoft's e-TMS
Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier is a 'm' parameter in '/clt/LOGINFRMDJO.ASP'...
AndSoft e-TMS 命令注入漏洞
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from an operating system command injection vulnerability, which is due to program misuse of parameter m in file /CLT/LOGINERRORFRM.ASP, and can be exploited by an attacker to execute operating system comman...
TOTOLINK X6000R 安全漏洞
The TOTOLINK X6000R is a wireless router from TOTOLINK. An operating system command injection vulnerability exists in TOTOLINK X6000R V9.4.0cu.1458B20250708 and prior versions, which stems from a failure to properly filter special elements in user input. An attacker can exploit this vulnerability...
CVE-2025-37129
A vulnerable feature in the command line interface of EdgeConnect SD-WAN could allow an authenticated attacker to exploit built-in script execution capabilities. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system if the feature is...
CVE-2025-10589
The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server...
CVE-2025-10265
Digiever Digiever NVR devices are affected by CVE-2025-10265, an OS command injection vulnerability in the NVR OS that enables authenticated remote attackers to inject and execute arbitrary commands. The issue is described as affecting certain NVR models, with network access required and low priv...
CVE-2025-9997
CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause command injection in BLMon that is executed in the operating system console when in a SSH session...
CVE-2025-9997
CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause command injection in BLMon that is executed in the operating system console when in a SSH session...
SAP NetWeaver 代码问题漏洞
SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform mainly for SAP applications to provide development and runtime environment. A deserialization vulnerability exists in SAP NetWeaver, which arises from unsafe deserialization of...
CVE-2025-7388
It was possible to perform Remote Command Execution RCE via Java RMI interface in the OpenEdge AdminServer, allowing authenticated users to inject and execute OS commands under the delegated authority of the AdminServer process. An RMI interface permitted manipulation of a configuration property...
Command Injection
Overview TkEasyGUI is a TkEasyGUI is simple GUI Library for Python3 with Tkinter Affected versions of this package are vulnerable to Command Injection via improper neutralization of special elements in the popupnotify method. An attacker can execute arbitrary operating system commands by sending...
Exploit for CVE-2025-56803
CVE-2025-56803 Command Injection Vulnerability via Plugin...
CVE-2025-54762
SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier allows a remote unauthenticated attacker to upload arbitrary files and execute OS commands with SYSTEM privileges...
DOS & CO SS1 代码问题漏洞
DOS & CO SS1 is an asset management tool from DOS & CO Japan. A code issue vulnerability exists in DOS & CO SS1 version 16.0.0.10 and earlier, which originates from allowing remote unauthenticated attackers to upload arbitrary files and execute OS commands with SYSTEM privileges...