16978 matches found
PT-2026-6983
Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A security flaw exists in D-Link DIR-823X version 250416. The issue resides within the Configuration Handler component, specifically in the function sub 4208A0 located in the file /goform/set dmz...
CVE-2026-0782
ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...
CVE-2026-0796
ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...
CVE-2021-47888 Textpattern 4.8.3 - Remote code execution
Textpattern versions prior to 4.8.3 contain an authenticated remote code execution vulnerability that allows logged-in users to upload malicious PHP files. Attackers can upload a PHP file with a shell command execution payload and execute arbitrary commands by accessing the uploaded file through ...
CVE-2026-0796
ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...
CVE-2026-0788
ALGO 8180 IP Audio Alerter Web UI Persistent Cross-Site Scripting Vulnerability. This vulnerability allows remote attackers to execute web requests with a target user's privileges on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this...
CVE-2026-0761
Foundation Agents MetaGPT actionoutputstrtomapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The...
CVE-2025-11002
7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to exploit this vulnerability but attack vectors may vary depending on...
CVE-2026-0771 Langflow PythonFunction Code Injection Remote Code Execution Vulnerability
Langflow PythonFunction Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Attack vectors and exploitability will vary depending on the configuration of the product. The specific flaw exis...
CVE-2026-0768 Langflow code Code Injection Remote Code Execution Vulnerability
Langflow code Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the code...
CVE-2026-0761
The CVE-2026-0761 issue affects Foundation Agents MetaGPT, where the function actionoutput_str_to_mapping accepts user-supplied strings without proper validation, allowing remote code execution in the service account context. Reports from Red Hat and NVD summarize the flaw as a Python code execut...
CVE-2026-0761 Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability
Foundation Agents MetaGPT actionoutputstrtomapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The...
CVE-2026-0795 ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability
ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...
CVE-2026-0788
ALGO 8180 IP Audio Alerter Web UI Vulnerability (CVE-2026-0788) affects the Web UI used to view syslog. The flaw arises from improper validation of user-supplied data in the syslog viewing functionality, enabling a persistent Cross-Site Scripting (XSS) attack. A remote attacker can exploit this w...
CVE-2026-0783 ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability
ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...
CVE-2026-0782 ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability
ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...
Google Gemini MCP Tool operating system command injection vulnerability
Google Gemini MCP Tool is a tool component developed by Google Inc., based on large model context protocols. Google Gemini MCP Tool has a vulnerability related to operating system command injection. This vulnerability stems from the execAsync method, which executes system calls without verifying...
ALGO 8180 IP Audio Alerter: Operating System Command Injection Vulnerability
ALGO 8180 IP Audio Alerter is an IP speaker developed by ALGO Corporation. The ALGO 8180 IP Audio Alerter has a vulnerability related to operating system command injection. This vulnerability stems from the lack of validation for user input strings in the web-based interface, which may lead to...
ALGO 8180 IP Audio Alerter: Operating System Command Injection Vulnerability
ALGO 8180 IP Audio Alerter is an IP speaker developed by ALGO Corporation. The ALGO 8180 IP Audio Alerter has a vulnerability related to operating system command injection. This vulnerability stems from the lack of validation for user input strings in the web-based interface, which may lead to...
CVE-2025-15059
GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...