CVE-2026-11848

The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information...

CVE-2026-11848

CVE-2026-11848 concerns IEI Integration Corp’s iRM-IEI Remote Management. The publicly documented vulnerability is Missing Authentication, allowing unauthenticated remote attackers to access a function that reveals partial system configuration information. Candidate details across sources indicat...

EUVD-2026-36409

The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information...

SUSE CVE-2026-40034

gix-submodule before 0.29.0 gitoxide before 0.5.21, gix before 0.84.0 incorrectly validates the update field in .gitmodules, allowing attackers to bypass the CommandForbiddenInModulesConfiguration guard when a submodule has been initialized with only partial configuration in .git/config. An...

CVE-2026-40034

gix-submodule before 0.29.0 gitoxide before 0.5.21, gix before 0.84.0 incorrectly validates the update field in .gitmodules, allowing attackers to bypass the CommandForbiddenInModulesConfiguration guard when a submodule has been initialized with only partial configuration in .git/config. An...

UBUNTU-CVE-2026-40034

gix-submodule before 0.29.0 gitoxide before 0.5.21, gix before 0.84.0 incorrectly validates the update field in .gitmodules, allowing attackers to bypass the CommandForbiddenInModulesConfiguration guard when a submodule has been initialized with only partial configuration in .git/config. An...

CVE-2026-40034

gix-submodule before 0.82.0 incorrectly validates the update field in .gitmodules, allowing attackers to bypass the CommandForbiddenInModulesConfiguration guard when a submodule has been initialized with only partial configuration in .git/config. An attacker can inject arbitrary shell commands vi...

CVE-2026-40034

CVE-2026-40034 affects gix-submodule (gitoxide) prior to 0.82.0. The vulnerability arises because update in .gitmodules is not properly validated, allowing an attacker who has initialized a submodule with partial configuration in .git/config to bypass the CommandForbiddenInModulesConfiguration gu...

CVE-2026-40034 gitoxide - Command Injection via Partial .gitmodules Override in gix-submodule

gix-submodule before 0.82.0 incorrectly validates the update field in .gitmodules, allowing attackers to bypass the CommandForbiddenInModulesConfiguration guard when a submodule has been initialized with only partial configuration in .git/config. An attacker can inject arbitrary shell commands vi...

CVE-2022-25594

Microprogram’s parking lot management system is vulnerable to sensitive information exposure. An unauthorized remote attacker can input specific URLs to acquire partial system configuration information...

CVE-2018-12337

Reliance on Security Through Obscurity vulnerability in ECOS Secure Boot Stick aka SBS 5.6.5 allows an attacker to partially extract confidential configurations via user-space emulation...