41 matches found
CVE-2026-21915 JSI Virtual Lightweight Collector: Shell escape allows privilege escalation to root
A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights (JSI) Virtual Lightweight Collector (vLWC) allows a local, high privileged attacker to escalate their privileges to root. The CLI menu accepts input without carefully validating it, which allows for shell...
PT-2026-3788
Name of the Vulnerable Software and Affected Versions: Cisco Intersight Virtual Appliance (affected versions not specified) Description: A flaw exists in the read-only maintenance shell of the appliance that may allow a local attacker with administrative privileges to gain root access. This is caused...
CVE-2025-43890
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralizatio...
CVE-2025-43890
Dell PowerProtect Data Domain with DD OS feature releases from 7.7.1.0–8.3.0.15, LTS2025 8.3.1.0, LTS2024 7.13.1.0–7.13.1.30, and LTS2023 7.10.1.0–7.10.1.60 contains an OS command injection vulnerability (Improper Neutralization of Special Elements used in an OS Command). A high-privilege local a...
EUVD-2020-18806
Malware in sbrugna...
EUVD-2020-27384
Malware in sbrugna...
EUVD-2021-17387
Malware in sbrugna...
EUVD-2020-12771
Malware in sbrugna...
EUVD-2020-7905
Malware in sbrugna...
EUVD-2008-2109
Malware in sbrugna...
EUVD-2021-29095
Malicious code in bioql PyPI...
EUVD-2025-31589
Malicious code in bioql PyPI...
EUVD-2022-30685
Malicious code in bioql PyPI...
EUVD-2024-34375
Malicious code in bioql PyPI...
EUVD-2022-28086
Malicious code in bioql PyPI...
EUVD-2022-24677
Malicious code in bioql PyPI...
PT-2025-34780 · Kapsch Trafficcom · Ris-9160 +1
Name of the Vulnerable Software and Affected Versions: Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) versions 3.2.0.829.23, 3.8.0.1119.42, and 4.6.0.1211.28 Description: An incorrect access control issue exists in the EEPROM component, allowing attackers to replace password hashes...
CVE-2012-10041
WAN Emulator v2.3 contains two unauthenticated command execution vulnerabilities. The result.php script calls shell_exec with unsanitized input from the pc POST parameter, allowing remote attackers to execute arbitrary commands as the www-data user. The system also includes a SUID-root binary name...
OpenBao Root Namespace Operator May Elevate Token Privileges
Impact: Accounts with access to the highly-privileged identity entity system in the root namespace may increase their scope directly to the root policy. While the identity system always allowed adding arbitrary policies, which in turn could contain capability grants on arbitrary paths, the root...
PT-2025-32394 · Unknown · Wan Emulator
Name of the Vulnerable Software and Affected Versions: WAN Emulator version 2.3 Description: WAN Emulator version 2.3 contains two unauthenticated command execution vulnerabilities. The result.php script calls the shell_exec function with unsanitized input from the pc POST parameter, allowing...