25207 matches found
CVE-2025-13193
A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability. Mitigation Mitigation for this issue is either...
CVE-2025-13284
ThinPLUS developed by ThinPLUS has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server...
CVE-2025-13284 ThinPLUS|ThinPLUS - OS Command Injection
ThinPLUS developed by ThinPLUS has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server...
EUVD-2025-197757
ThinPLUS developed by ThinPLUS has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server...
Mozilla Thunderbird Security Update (mfsa_2025-90) - Mac OS X
Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
Maxum Rumpus FTP Server 操作系统命令注入漏洞
Maxum Rumpus FTP Server is an FTP server software from Maxum. An operating system command injection vulnerability exists in Maxum Rumpus FTP Server version 9.0.12, which stems from improper neutralization of a special element and can lead to OS command injection...
PT-2025-47179
Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description The software contains a flaw related to improper neutralization of special elements used in an OS command, potentially leading to OS command injection. This iss...
CVE-2025-8870
On affected platforms running Arista EOS, certain serial console input might result in an unexpected reload of the device.153...
Photon OS 5.0: Linux PHSA-2025-5.0-0679
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0679. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 5.0: Samba PHSA-2025-5.0-0648
An update of the samba package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0648. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2025-36251
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in CVE-2024-56347...
CVE-2025-13123
A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/getfirstdate.php. Executing manipulation of the argument uid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-64444
Improper neutralization of special elements used in an OS command 'OS Command Injection' issue exists in NCP-HG100 1.4.48.16 and earlier. If exploited, a remote attacker who has obtained the authentication information to log in to the management page of the product may execute an arbitrary OS...
EUVD-2025-180541
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in CVE-2024-56347...
PT-2025-46941
Name of the Vulnerable Software and Affected Versions NCP-HG100 versions 1.4.48.16 and earlier Description An issue exists where special elements are not properly neutralized when used in operating system commands, potentially leading to OS Command Injection. A remote attacker who has valid...
PT-2025-46974
Name of the Vulnerable Software and Affected Versions Arista EOS affected versions not specified Description Certain serial console input on affected platforms running Arista EOS may cause an unexpected reload of the device. Recommendations At the moment, there is no information about a newer...
Arista EOS 安全漏洞
Arista EOS is a fully programmable, highly modular, Linux-based network operating system from Arista USA. A security vulnerability exists in Arista EOS that stems from improper handling of serial console inputs, which could result in an unexpected reboot of the device...
Unspecified Vulnerability in AXIS OS
AXIS OS is an edge device operating system from Axis Sweden. AXIS OS suffers from a security vulnerability that stems from a third-party component exposing passwords in process parameters, which can be exploited by an attacker to cause low-privilege user access...
CVE-2025-36251
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in CVE-2024-56347...
CVE-2025-36096
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques...