CVE-2025-64991

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-PatchInsights-Deploy instruction prior V15. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote...

CVE-2025-64990

TeamViewer DEX (formerly 1E DEX) contains a command injection in the 1E-Explorer-TachyonCore-LogoffUser instruction prior to V21.1. Root cause: improper input validation. Impact: authenticated attackers with Actioner privileges can inject arbitrary commands, enabling remote execution of elevated ...

CVE-2025-64989

CVE-2025-64989 describes a command-injection flaw in TeamViewer DEX (formerly 1E DEX), within the 1E-Explorer-TachyonCore-FindFileBySizeAndHash instruction prior to V21.1. The issue stems from improper input validation that allows authenticated attackers with Actioner privileges to inject and exe...

CVE-2025-64987

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Explorer-TachyonCore-CheckSimpleIoC instruction. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables...

CVE-2025-64986

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Explorer-TachyonCore-DevicesListeningOnAPort instruction prior V21. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands...

PT-2025-50598

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-PatchInsights-Deploy instruction prior V15. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote...

PT-2025-50594

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Explorer-TachyonCore-CheckSimpleIoC instruction. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables...

PT-2025-50595

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Nomad-GetCmContentLocations instruction prior V19.2. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables...

PT-2025-50247

Name of the Vulnerable Software and Affected Versions Selea Targa IP OCR-ANPR Camera affected versions not specified Description The Selea Targa IP OCR-ANPR Camera has an unauthenticated command injection issue in the utils.php file. This allows remote attackers to execute arbitrary shell command...

EUVD-2025-201459

TUUI is a desktop MCP client designed as a tool unitary utility integration. Prior to 1.3.4, a critical Remote Code Execution RCE vulnerability exists in Tuui due to an unsafe Cross-Site Scripting XSS flaw in the Markdown rendering component. Tuui allows the execution of arbitrary JavaScript with...

Malicious code in hooktest3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3d1104ab742749c40acd3c4c989dba15890db64fd22f688dea72727fbc5b9d23 During installation, the package starts a code to retrieve and execute commands from Discord --- Category: MALICIOUS - The campaign has clearly malicious inten...

EUVD-2024-55105

The service wmp-agent of KerOS prior 5.12 does not properly validate so-called ‘magic URLs’ allowing an unauthenticated remote attacker to execute arbitrary OS commands as root when the service is reachable over network. Typically, the service is protected via local firewall...

Malicious code in hooktest1 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b3e91d71ab21e3575f1354593a314d50bc188b0db7b3851040e522426a765417 During installation, the package starts a code to retrieve and execute commands from Discord --- Category: MALICIOUS - The campaign has clearly malicious inten...

Malicious code in kdewebhelper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 da8701a407522875f63d2aaa28d27194fe8e2faa4d7782fd66639f224ae62dcd Importing the module connects to a Telegram bot and provides its operator with abilities to execute commands, exfiltrate and encrypt data. The target group see...

Malicious code in siitoogether (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6fccd687f1acb55e6da0782b08ef14b3e8be5587dee4743a163a106c48390a50 Importing the module starts an RAT-like process capable of execute remote commands, with the C2 through Discord --- Category: MALICIOUS - The campaign has...

MAL-2025-191867 Malicious code in siitoogether (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6fccd687f1acb55e6da0782b08ef14b3e8be5587dee4743a163a106c48390a50 Importing the module starts an RAT-like process capable of execute remote commands, with the C2 through Discord --- Category: MALICIOUS - The campaign has...

Malicious code in kingwork-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5f5651b094b6f22f4f79f533c24bb398eb10ed340bfccdcdc75fa5dcfc98b8bf The package contains the same code to deobfuscate code as in previous packages, but the malicious code itself is missing --- Category: MALICIOUS - The campaign...

MAL-2025-191775 Malicious code in kingwork-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5f5651b094b6f22f4f79f533c24bb398eb10ed340bfccdcdc75fa5dcfc98b8bf The package contains the same code to deobfuscate code as in previous packages, but the malicious code itself is missing --- Category: MALICIOUS - The campaign...

CVE-2025-46581

ZTE's ZXCDN product is affected by a Struts remote code execution RCE vulnerability. An unauthenticated attacker can remotely execute commands with non-root privileges...

EUVD-2008-2011

Malware in sbrugna...