251 matches found
CVE-2024-14010 Typora 1.7.4 OS Command Injection via Export PDF Preferences
Typora 1.7.4 contains a command injection vulnerability in the PDF export preferences that allows attackers to execute arbitrary system commands. Attackers can inject malicious commands into the 'run command' input field during PDF export to achieve remote code execution...
Typora 操作系统命令注入漏洞
Typora is a Typora open source editor. An operating system command injection vulnerability exists in Typora version 1.7.4, which stems from a command injection in the PDF export preferences that could lead to the execution of arbitrary system commands...
PT-2025-50970
Name of the Vulnerable Software and Affected Versions Typora version 1.7.4 Description The software contains a command injection issue in the PDF export preferences. This allows attackers to execute arbitrary system commands. Attackers can inject malicious commands into the 'run command' input...
CVE-2025-65959 Open WebUI vulnerable to Stored DOM XSS via Note 'Download PDF'
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.37, a Stored XSS vulnerability was discovered in Open-WebUI's Notes PDF download functionality. An attacker can import a Markdown file containing malicious SVG tags into Notes, allowing...
CVE-2020-36867
Nagios XI versions prior to 5.7.3 contain a command injection vulnerability in the report PDF download/export functionality. User-supplied values used in the PDF generation pipeline or the wrapper that invokes offline/pdf helper utilities were insufficiently validated or improperly escaped,...
EUVD-2020-30811
Nagios XI versions prior to 5.7.3 contain a command injection vulnerability in the report PDF download/export functionality. User-supplied values used in the PDF generation pipeline or the wrapper that invokes offline/pdf helper utilities were insufficiently validated or improperly escaped,...
CVE-2020-36867
Nagios XI versions prior to 5.7.3 contain a command injection vulnerability in the report PDF download/export functionality. User-supplied values used in the PDF generation pipeline or the wrapper that invokes offline/pdf helper utilities were insufficiently validated or improperly escaped,...
CVE-2020-36867 Nagios XI < 5.7.3 Command Injection in Report PDF Download
Nagios XI versions prior to 5.7.3 contain a command injection vulnerability in the report PDF download/export functionality. User-supplied values used in the PDF generation pipeline or the wrapper that invokes offline/pdf helper utilities were insufficiently validated or improperly escaped,...
CVE-2020-36867 Nagios XI < 5.7.3 Command Injection in Report PDF Download
Nagios XI versions prior to 5.7.3 contain a command injection vulnerability in the report PDF download/export functionality. User-supplied values used in the PDF generation pipeline or the wrapper that invokes offline/pdf helper utilities were insufficiently validated or improperly escaped,...
CVE-2020-36867
Nagios XI before 5.7.3 has a command-injection vulnerability in the report PDF download/export path. User-supplied values in the PDF generation pipeline or the wrapper invoking offline/pdf tools are not sufficiently validated/escaped, allowing an authenticated attacker who can trigger PDF exports...
EUVD-2019-2205
Malware in sbrugna...
EUVD-2020-11820
Malware in sbrugna...
EUVD-2021-16083
Malware in sbrugna...
EUVD-2015-4826
Malware in sbrugna...
EUVD-2022-47486
Malicious code in bioql PyPI...
EUVD-2024-20712
Malicious code in bioql PyPI...
EUVD-2021-30210
Malicious code in bioql PyPI...
EUVD-2024-41641
Malicious code in bioql PyPI...
EUVD-2025-26129
Malicious code in bioql PyPI...
EUVD-2023-46814
Malicious code in bioql PyPI...