906 matches found

Tenable Nessus
added 2026/01/13 12:0 a.m., 2 views

MiracleLinux 8 : emacs-26.1-13.el8_10 (AXSA:2025-9716:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9716:02 advisory. emacs: Shell Injection Vulnerability in GNU Emacs via Custom man URI Scheme CVE-2025-1244 Tenable has extracted the preceding description block directly from...

CVSS 8.8 | AI score 7.9 | EPSS 0.01295
Exploits: 0 | References: 2

RedhatCVE
added 2026/01/09 12:37 p.m., 8 views

CVE-2023-50445

Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7 allows local attackers to execute arbitrary code via the getsystemlog and...

CVSS 7.8 | AI score 7.9 | EPSS 0.03125
Exploits: 4 | References: 1

RedhatCVE
added 2026/01/09 11:58 a.m., 5 views

CVE-2018-19168

Shell Metacharacter Injection in www/modules/save.php in FruityWifi aka PatatasFritas/PatataWifi through 2.4 allows remote attackers to execute arbitrary code with root privileges via a crafted modname parameter in a POST request. NOTE: unlike in CVE-2018-17317, the attacker does not need a valid...

CVSS 10 | AI score 8 | EPSS 0.04544
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 10:12 a.m., 2 views

CVE-2019-11627

gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an unsafe shell call enabling shell injection via a User ID...

CVSS 10 | AI score 7.1 | EPSS 0.0047
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 9:49 a.m., 6 views

CVE-2020-24354

Zyxel VMG5313-B30B router on firmware 5.13ABCJ.6b31127, and possibly older versions of firmware are affected by shell injection...

CVSS 8.8 | AI score 7.2 | EPSS 0.0079
Exploits: 1 | References: 1

NVD
added 2026/01/07 2:15 p.m., 2 views

CVE-2025-6225

Kieback&Peter Neutrino-GLT product is used for building management. Its web component "SM70 PHWEB" is vulnerable to shell command injection via login form. The injected commands would execute with low privileges. The vulnerability has been fixed in version 9.40.02...

CVSS 6.9 | EPSS 0.01038
Exploits: 0 | References: 1

CVE
added 2026/01/07 1:0 p.m., 3 views

CVE-2025-6225

CVE-2025-6225 affects Kieback&Peter Neutrino-GLT. The web component SM70 PHWEB has a shell command injection flaw through the login form, allowing injected commands to execute with low privileges. The vulnerability is mitigated in version 9.40.02. Public exploitation details are not provided in...

CVSS 6.9 | AI score 7.6 | EPSS 0.01038
Exploits: 0 | References: 1

Huntr
added 2025/12/23 7:16 a.m., 5 views

Command Injection via Malicious Model Artifacts

A command injection vulnerability exists in MLflow's model serving container initialization code. When deploying a model with envmanager=LOCAL, MLflow reads dependency specifications from the model artifact's pythonenv.yaml file and directly interpolates them into a shell command without...

CVSS 10 | AI score 6.3 | EPSS 0.00269
Exploits: 1

RedHat Linux
added 2025/12/10 12:18 p.m., 3 views

abrt: Command-injection in ABRT leading to local privilege escalation

A flaw was found in the ABRT daemon’s handling of user-supplied mount information. ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command docker inspect %s without proper validation. An unprivileged local user can craft a payload that injects shell...

CVSS 8.8 | AI score 5.9 | EPSS 0.0009
Exploits: 1 | References: 5

SUSE CVE
added 2025/12/06 12:24 a.m., 1 views

SUSE CVE-2025-12744

A flaw was found in the ABRT daemon's handling of user-supplied mount information. ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command docker inspect %s without proper validation. An unprivileged local user can craft a payload that injects shell...

CVSS 8.8 | AI score 6.7 | EPSS 0.0009
Exploits: 1 | References: 3

OSV
added 2025/12/03 8:44 p.m., 1 views

GHSA-WVXP-JP4W-W8WG mcp-server-kubernetes has potential security issue in exec_in_pod tool

Summary: A security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string format is provided, it is passed directly to shell interpretation (sh -c) without input validation, allowing shell...

CVSS 6.4 | AI score 8 | EPSS 0.00321
Exploits: 1 | References: 5

Github Security Blog
added 2025/12/03 8:44 p.m., 9 views

mcp-server-kubernetes has potential security issue in exec_in_pod tool

Summary: A security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string format is provided, it is passed directly to shell interpretation (sh -c) without input validation, allowing shell...

CVSS 8.8 | AI score 8.1 | EPSS 0.00321
Exploits: 1 | References: 5 | Affected Software: 1

CVE
added 2025/12/03 8:40 p.m., 6 views

CVE-2025-66404

The CVE-2025-66404 entry concerns mcp-server-kubernetes. The exec_in_pod tool accepts a string command and passes it to a shell (sh -c) without input validation, enabling shell metacharacters to be interpreted. This creates potential for direct command injection or indirect prompt injection, allo...

CVSS 8.8 | AI score 7.1 | EPSS 0.00321
Exploits: 1 | References: 2 | Affected Software: 1

OSV
added 2025/12/03 8:40 p.m., 2 views

CVE-2025-66404 mcp-server-kubernetes potential security issue in exec_in_pod tool

MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, a security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string...

CVSS 6.4 | AI score 7.4 | EPSS 0.00321
Exploits: 1 | References: 4

NVD
added 2025/12/03 9:15 a.m., 1 views

CVE-2025-12744

A flaw was found in the ABRT daemon’s handling of user-supplied mount information. ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command docker inspect %s without proper validation. An unprivileged local user can craft a payload that injects shell...

CVSS 8.8 | EPSS 0.0009
Exploits: 1 | References: 2

Positive Technologies
added 2025/12/03 12:0 a.m., 2 views

PT-2025-48799

Name of the Vulnerable Software and Affected Versions ABRT affected versions not specified Description The Automatic Bug Reporting Tool ABRT has a flaw in its handling of user-supplied mount information. ABRT copies up to 12 characters from an untrusted input and places them directly into a shell...

CVSS 8.8 | AI score 6.6 | EPSS 0.0009
Exploits: 1 | References: 17

Positive Technologies
added 2025/12/03 12:0 a.m., 2 views

PT-2025-48997

Name of the Vulnerable Software and Affected Versions MCP Server Kubernetes versions prior to 2.9.8 Description The MCP Server Kubernetes software contains a security issue in the exec in pod tool. The tool improperly handles user-provided commands in string format, passing them directly to shell...

CVSS 6.4 | AI score 7.3 | EPSS 0.00321
Exploits: 1 | References: 7

CVE
added 2025/12/02 1:1 p.m., 9 views

CVE-2025-11786

CVE-2025-11786 affects Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The root cause is in SetUserPassword(): the input parameter newPassword is inserted into a shell command string using sprintf() without sanitisation and then executed with system(). This enables a potential attacker to inject arbitrar...

CVSS 9.8 | AI score 7.3 | EPSS 0.00057
Exploits: 0 | References: 1 | Affected Software: 1

RedhatCVE
added 2025/11/28 2:1 p.m., 4 views

CVE-2025-8890

Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to shell command injection attacks. In order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports...

CVSS 9.3 | AI score 7.5 | EPSS 0.00328
Exploits: 0 | References: 1

NVD
added 2025/11/27 2:15 p.m., 6 views

CVE-2025-8890

Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to shell command injection attacks. In order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports...

CVSS 9.3 | EPSS 0.00328
Exploits: 0 | References: 2