The vulnerability of the setWiFiScheduleCfg() function in the web/cgi-bin/cstecgi.cgi script of the TOTOLINK X5000R router’s microprogramming software allows a perpetrator to execute arbitrary commands.

The vulnerability of the setWiFiScheduleCfg function in the web/cgi-bin/cstecgi.cgi script of the TOTOLINK X5000R router’s microprogramming system is related to the failure to take measures to neutralize special elements used in the operating system’s processing of the eMinute parameter. Exploiti...

CVE-2025-0255

HCL DevOps Deploy / HCL Launch could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially crafted input containing special elements...

CVE-2025-2701

A vulnerability classified as critical was found in AMTT Hotel Broadband Operation System 1.0. This vulnerability affects the function popen of the file /manager/network/portsetup.php. The manipulation of the argument SwitchVersion/SwitchWrite/SwitchIP/SwitchIndex/SwitchState leads to os command...

The vulnerability of the Bitdefender BOX 1 device for protecting appliances and gadgets lies in the lack of measures taken at the control level to clean data. This allows a perpetrator to execute arbitrary commands.

The vulnerability of the Bitdefender BOX 1 device for protecting appliances and gadgets is related to the lack of measures taken to clean data at the control level during the processing of the final checkpoint /checkimageandtriggerrecovery. Exploiting this vulnerability allows a remote attacker t...

CVE-2025-29980

A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input validation, a remote unauthenticated attacker can run arbitrary commands as the current MS SQL server account. It is recommended that the CRM feature is turned off while on eTRAKiT.net release 3.2.1.7...

CVE-2024-7034

In open-webui version 0.3.8, the endpoint /models/upload is vulnerable to arbitrary file write due to improper handling of user-supplied filenames. The vulnerability arises from the usage of filepath = f"UPLOADDIR/file.filename" without proper input validation or sanitization. An attacker can...

CVE-2024-11039

A pickle deserialization vulnerability exists in the Latex English error correction plug-in function of binary-husky/gptacademic versions up to and including 3.83. This vulnerability allows attackers to achieve remote command execution by deserializing untrusted data. The issue arises from the...

MAL-2025-191818 Malicious code in prmduc193 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 766c3df26ad3e62a1923e1c6879348aba96deafb8bf62a1555c589b57cd91fc0 Importing the package starts a revshell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-03-prmduc193...

CVE-2024-50631

Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to inject SQL commands, limited to write operations, via...

SUSE CVE-2024-7776

A vulnerability in the downloadmodel function of the onnx/onnx framework, before and including version 1.16.1, allows for arbitrary file overwrite due to inadequate prevention of path traversal attacks in malicious tar files. This vulnerability can be exploited by an attacker to overwrite files i...

The vulnerability of the PHP plugin “Export/Import of Products to Excel” – which exists due to the lack of measures to neutralize special elements – allows attackers to execute arbitrary commands on the server.

The vulnerability of the PHP plugin “Export/Import of Products to Excel” exists due to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on the server by sending a specially crafted POST request...

CVE-2025-29980

A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input validation, a remote unauthenticated attacker can run arbitrary commands as the current MS SQL server account. It is recommended that the CRM feature is turned off while on eTRAKiT.net release 3.2.1.7...

CVE-2025-29980 Blind SQL Injection vulnerability in eTRAKiT.Net

A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input validation, a remote unauthenticated attacker can run arbitrary commands as the current MS SQL server account. It is recommended that the CRM feature is turned off while on eTRAKiT.net release 3.2.1.7...

Vulnerabilities fixed in IBM AIX

IBM has fixed vulnerabilities in IBM AIX Specifically for versions 7.2 and 7.3. The vulnerabilities are in the NIM master service and the nimsh service's SSL/TLS protection mechanisms in IBM AIX versions 7.2 and 7.3. These vulnerabilities can be exploited by remote malicious actors to execute...

Open Neural Network Exchange (ONNX) Path Traversal Vulnerability

A vulnerability in the downloadmodel function of the onnx/onnx framework, before and including version 1.16.1, allows for arbitrary file overwrite due to inadequate prevention of path traversal attacks in malicious tar files. This vulnerability can be exploited by an attacker to overwrite files i...

Directory Traversal

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Directory Traversal through the /models/upload endpoint. An attacker can manipulate the file.filename parameter to include directory traversal sequences, causing the resulting filepath to escape the intended...

Open WebUI Allows Arbitrary File Write via the `/models/upload` Endpoint

In open-webui version 0.3.8, the endpoint /models/upload is vulnerable to arbitrary file write due to improper handling of user-supplied filenames. The vulnerability arises from the usage of filepath = f"UPLOADDIR/file.filename" without proper input validation or sanitization. An attacker can...

GHSA-CRH6-PJ8C-XRHC Open WebUI Allows Arbitrary File Write via the `/models/upload` Endpoint

In open-webui version 0.3.8, the endpoint /models/upload is vulnerable to arbitrary file write due to improper handling of user-supplied filenames. The vulnerability arises from the usage of filepath = f"UPLOADDIR/file.filename" without proper input validation or sanitization. An attacker can...

GHSA-XQGJ-R6XV-9CW4 Withdrawn Advisory: Dask Vulnerable to Command Injection

Withdrawn Advisory This advisory has been withdrawn because it describes intended functionality. This link is maintained to preserve external references. Original Description Dask versions =2024.8.2 contain a vulnerability in the Dask Distributed Server where the use of pickle serialization allow...

Withdrawn Advisory: Dask Vulnerable to Command Injection

Withdrawn Advisory This advisory has been withdrawn because it describes intended functionality. This link is maintained to preserve external references. Original Description Dask versions =2024.8.2 contain a vulnerability in the Dask Distributed Server where the use of pickle serialization allow...