3861 matches found

CNVD
added 2025/02/18 12:0 a.m. · 6 views

F5 BIG-IP Remote Command Injection Vulnerability

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. F5 BIG-IP suffers from a remote command injection vulnerability that stems from the application failing to properly filter...

9.9 CVSS · 7.3 AI score · 0.00721 EPSS
Exploits 0 · References 1
VulnCheck KEV
added 2025/02/18 12:0 a.m. · 6 views

VulnCheck KEV: CVE-2024-9916

A vulnerability, which was classified as critical, has been found in HuangDou UTCMS V9. Affected by this issue is some unknown functionality of the file app/modules/ut-cac/admin/cli.php. The manipulation of the argument o leads to os command injection. The attack may be launched remotely. The...

9.8 CVSS · 5.5 AI score · 0.73666 EPSS
Exploits 1 · References 1
Positive Technologies
added 2025/02/12 12:0 a.m. · 6 views

PT-2025-6865 · Unknown · Olajowon Loggrove

Name of the Vulnerable Software and Affected Versions: olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6 Description: A critical vulnerability was found in olajowon Loggrove, affecting an unknown functionality of the file /read/?page=1&logfile=eee&match=. The manipulation of the...

6.5 CVSS · 7 AI score · 0.0145 EPSS
Exploits 0 · References 6
RedhatCVE
added 2025/02/07 6:3 p.m. · 3 views

CVE-2025-23239

When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support EoTS are not...

8.7 CVSS · 7.1 AI score · 0.00721 EPSS
Exploits 0 · References 3
ATTACKERKB
added 2025/02/05 6:15 p.m. · 2 views

CVE-2025-23239

When running in Appliance mode, and logged into a highly-privileged role, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached E...

9.9 CVSS · 5.8 AI score · 0.00721 EPSS
Exploits 0 · References 2 · Affected Software 1
NVD
added 2025/02/05 6:15 p.m. · 11 views

CVE-2025-23239

When running in Appliance mode, and logged into a highly-privileged role, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached E...

8.7 CVSS · 0.00721 EPSS
Exploits 0 · References 1
OSV
added 2025/02/05 6:15 p.m. · 3 views

CVE-2025-23239

When running in Appliance mode, and logged into a highly-privileged role, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached E...

8.7 CVSS · 5.6 AI score · 0.00721 EPSS
Exploits 0 · References 1
CVE
added 2025/02/05 5:31 p.m. · 85 views

CVE-2025-23239

CVE-2025-23239 affects BIG-IP iControl REST. In Appliance mode, an authenticated user with high privileges can exploit an undisclosed iControl REST endpoint to execute arbitrary commands, crossing a security boundary. Impact is command injection on the control plane with administrator-like privil...

8.7 CVSS · 5.8 AI score · 0.00721 EPSS
Exploits 0 · References 1 · Affected Software 11
RedhatCVE
added 2025/02/05 1:51 a.m. · 2 views

CVE-2024-11634

Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution. Not applicable to 9.1Rx...

9.1 CVSS · 8.2 AI score · 0.01847 EPSS
Exploits 0 · References 1
Positive Technologies
added 2025/02/05 12:0 a.m. · 3 views

PT-2025-5734

Name of the Vulnerable Software and Affected Versions: iControl versions prior to the fixed version Description: A remote command injection vulnerability exists in an undisclosed iControl REST endpoint when running in Appliance mode. This issue allows an authenticated attacker to cross a security...

9.9 CVSS · 5.8 AI score · 0.00721 EPSS
Exploits 0 · References 11
Vulnrichment
added 2025/02/04 6:13 p.m. · 5 views

CVE-2025-25039 Authenticated Remote Command Injection in HPE Aruba Networking ClearPass Policy Manager Web-Based Management Interface

A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager CPPM allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a lower privileged user on...

4.7 CVSS · 5.2 AI score · 0.00587 EPSS
Exploits 0 · References 1
OSV
added 2025/01/29 2:15 a.m. · 3 views

CVE-2025-0798

A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as critical. This issue affects some unknown processing of the file rtscanner of the component Quarantine Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The...

9.2 CVSS · 5 AI score · 0.06902 EPSS
Exploits 1 · References 4
OSV
added 2025/01/17 3:15 p.m. · 2 views

CVE-2025-0528

A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some unknown functionality of the file /goform/telnet of the component HTTP Request Handler. The manipulation leads to command injection. The attack may be launched...

7.2 CVSS · 5.7 AI score · 0.05813 EPSS
Exploits 1 · References 5
Rockylinux
added 2025/01/11 2:1 a.m. · 12 views

cups security update

An update is available for cups. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Common UNIX Printing System CUPS provides a portable printing layer for Linu...

9.8 CVSS · 7.8 AI score · 0.73062 EPSS
Exploits 5
Tenable Nessus
added 2025/01/11 12:0 a.m. · 19 views

RockyLinux 8 : cups (RLSA-2025:0083)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:0083 advisory. cups: libppd: remote command injection via attacker controlled data in PPD file CVE-2024-47175 Tenable has extracted the preceding description block directly from...

9.8 CVSS · 7.3 AI score · 0.73062 EPSS
Exploits 5 · References 3
Tenable Nessus
added 2025/01/10 12:0 a.m. · 12 views

Oracle Linux 8 : cups (ELSA-2025-0083)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-0083 advisory. 1:2.2.6-62 - RHEL-60338 CVE-2024-47175 cups: remote command injection via attacker controlled data in PPD file Tenable has extracted the preceding description...

9.8 CVSS · 7.3 AI score · 0.73062 EPSS
Exploits 5 · References 2
Oracle linux
added 2025/01/09 12:0 a.m. · 151 views

cups security update

1:2.2.6-62 - RHEL-60338 CVE-2024-47175 cups: remote command injection via attacker controlled data in PPD file...

8.6 CVSS · 7.8 AI score · 0.73062 EPSS
Exploits 5
Tenable Nessus
added 2025/01/09 12:0 a.m. · 31 views

RHEL 8 : cups (RHSA-2025:0083)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0083 advisory. The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: libppd:...

9.8 CVSS · 7.4 AI score · 0.73062 EPSS
Exploits 5 · References 6
RedHat Linux
added 2025/01/08 12:3 p.m. · 5 views

cups: libppd: remote command injection via attacker controlled data in PPD file

A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

9.8 CVSS · 5.9 AI score · 0.73062 EPSS
Exploits 5 · References 7
RedHat Linux
added 2025/01/08 12:3 p.m. · 170 views

Low: Red Hat Security Advisory: cups security update

An update for cups is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

9.8 CVSS · 7.1 AI score · 0.73062 EPSS
Exploits 5 · References 3