
25105 matches found

OSV
added 2026/02/03 5:16 a.m. | 5 views

CVE-2025-58380

A vulnerability in Brocade Fabric OS before 9.2.1 could allow an authenticated attacker with admin privileges using the shell command “grep” to modify the path variables and move upwards in the directory structure or to traverse to different directories...

CVSS: 2.3 | AI score: 5.8 | EPSS: 0.00179
Exploits: 0 | References: 1
Vulnrichment
added 2026/02/03 5:5 a.m. | 2 views

CVE-2025-58380 Directory transversal vulnerability in Brocade Fabric OS before 9.2.1 using grep command

A vulnerability in Brocade Fabric OS before 9.2.1 could allow an authenticated attacker with admin privileges using the shell command “grep” to modify the path variables and move upwards in the directory structure or to traverse to different directories...

CVSS: 4.6 | AI score: 5.4 | EPSS: 0.00179
Exploits: 0 | References: 1
Cvelist
added 2026/02/03 3:55 a.m. | 27 views

CVE-2026-0383 Information disclosure in Brocade Fabric OS before 9.2.1c2, 9.2.2 through 9.2.2a and 10.0.0

A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...

CVSS: 8.2 | EPSS: 0.00198
Exploits: 0 | References: 1
Debian CVE
added 2026/02/03 12:55 a.m. | 6 views

CVE-2025-61652

Vulnerability in Wikimedia Foundation DiscussionTools. This issue affects DiscussionTools: from before 1.43.4, 1.44.1...

CVSS: 6.9 | AI score: 5.2 | EPSS: 0.00253
Exploits: 0
CNNVD
added 2026/02/03 12:0 a.m. | 7 views

Broadcom Brocade Fabric OS Security Vulnerability

Broadcom Brocade Fabric OS FOS is an embedded operating system used in switches and routers by Broadcom Corporation. Versions of Broadcom Brocade Fabric OS prior to 9.2.1c3 contained security vulnerabilities. These vulnerabilities stemmed from the export options enabled by the seccertmgmt and...

CVSS: 8.5 | AI score: 5.8 | EPSS: 0.00126
Exploits: 0 | References: 2
Positive Technologies
added 2026/02/03 12:0 a.m. | 10 views

PT-2026-5772

A vulnerability in Brocade Fabric OS before 9.2.1 could allow an authenticated attacker with admin privileges using the shell command “grep” to modify the path variables and move upwards in the directory structure or to traverse to different directories...

CVSS: 4.6 | AI score: 5.4 | EPSS: 0.00179
Exploits: 0 | References: 2
Positive Technologies
added 2026/02/03 12:0 a.m. | 7 views

PT-2026-5768

A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...

CVSS: 8.2 | AI score: 5.4 | EPSS: 0.00198
Exploits: 0 | References: 2
Positive Technologies
added 2026/02/03 12:0 a.m. | 7 views

PT-2026-5758

A vulnerability in Brocade Fabric OS versions before 9.2.1c2 could allow an administrator-level user to execute the bind command, to escalate privileges and bypass security controls allowing the execution of arbitrary commands...

CVSS: 8.4 | AI score: 5.8 | EPSS: 0.00509
Exploits: 0 | References: 2
Positive Technologies
added 2026/02/03 12:0 a.m. | 6 views

PT-2026-5756

Brocade Fabric OS before 9.2.1 has a vulnerability that could allow a local authenticated attacker to reveal command line passwords using commands that may expose higher privilege sensitive information by a lower privileged user...

CVSS: 6 | AI score: 5.4 | EPSS: 0.00142
Exploits: 0 | References: 2
Positive Technologies
added 2026/02/03 12:0 a.m. | 5 views

PT-2026-6108

Name of the Vulnerable Software and Affected Versions: WRC-X1500GS-B, WRC-X1500GSA-B. Description: An OS command injection issue exists in WRC-X1500GS-B and WRC-X1500GSA-B. A specially crafted request originating from an authenticated user could allow for the execution of arbitrary OS commands...

CVSS: 8.6 | AI score: 5.9 | EPSS: 0.01664
Exploits: 0 | References: 3
OpenVAS
added 2026/02/03 12:0 a.m. | 3 views

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2026-1228)

The remote host is missing an update for the Huawei EulerOS...

CVSS: 7.1 | AI score: 5.4 | EPSS: 0.00311
Exploits: 0 | References: 2
Tenable Nessus
added 2026/02/03 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2025-36366

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow a user to cause a denial of service by executing a query that invokes the JSONObject...

CVSS: 6.5 | AI score: 6.5 | EPSS: 0.00355
Exploits: 0 | References: 2
Snyk
added 2026/02/02 6:31 p.m. | 5 views

Improper Control of Dynamically-Managed Code Resources

Overview: Affected versions of this package are vulnerable to Improper Control of Dynamically-Managed Code Resources via the Groovy Sandbox. An attacker can execute arbitrary operating system commands by injecting malicious Groovy elements to bypass sandbox restrictions. Remediation: Upgrade...

CVSS: 8 | AI score: 6 | EPSS: 0.00425
Exploits: 0 | References: 2
Github Security Blog
added 2026/02/02 6:31 p.m. | 8 views

Crafter CMS has Improper Control of Dynamically-Managed Code Resources

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE (Remote Code...

CVSS: 7.3 | AI score: 5.7 | EPSS: 0.00425
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2026/02/02 6:16 p.m. | 7 views

CVE-2026-22223

An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2 (vpn modules) allows an adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration integrity...

CVSS: 8 | AI score: 5.9 | EPSS: 0.01423
Exploits: 0 | References: 4
NVD
added 2026/02/02 6:16 p.m. | 9 views

CVE-2026-0630

An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2 (web modules) and Archer AXE75 v1.0 allows an adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise o...

CVSS: 8.5 | EPSS: 0.01296
Exploits: 0 | References: 6
CVE
added 2026/02/02 5:48 p.m. | 19 views

CVE-2026-0631

The CVE-2026-0631 issue affects TP-Link Archer BE230 v1.2 (vpn modules) with firmware older than 1.2.4 Build 20251218 rel.70420. It is described as an OS Command Injection that allows an adjacent authenticated attacker to execute arbitrary code, potentially gaining full administrative control and...

CVSS: 8.5 | AI score: 5.9 | EPSS: 0.01293
Exploits: 0 | References: 4 | Affected Software: 1
ATTACKERKB
added 2026/02/02 4:16 p.m. | 6 views

CVE-2026-1770

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE (Remote Code...

CVSS: 7.3 | AI score: 5.7 | EPSS: 0.00425
Exploits: 0 | References: 2 | Affected Software: 1
CVE
added 2026/02/02 4:16 p.m. | 13 views

CVE-2026-1770

CVE-2026-1770 affects Crafter CMS, specifically Crafter Studio. The vulnerability arises from Improper Control of Dynamically-Managed Code Resources via the Groovy Sandbox, enabling authenticated developers to insert malicious Groovy code to bypass sandbox restrictions and achieve Remote Code Exe...

CVSS: 7.3 | AI score: 5.7 | EPSS: 0.00425
Exploits: 0 | References: 1
ATTACKERKB
added 2026/02/02 3:20 p.m. | 4 views

CVE-2025-47366

Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input...

CVSS: 7.1 | AI score: 5.4 | EPSS: 0.00092
Exploits: 0 | References: 2