Linux Distros Unpatched Vulnerability : CVE-2025-58098

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd=...

CVE-2025-11786

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'SetUserPassword' function, the 'newPassword' parameter is directly embedded in a shell command string using 'sprintf' without any sanitisation or validation, and then executed using 'system'. This allows a...

CVE-2025-63932

D-Link Router DIR-868L A1 FW106KRb01.bin has an unauthenticated remote code execution vulnerability in the cgibin binary. The HNAP service provided by cgibin does not filter the HTTP SOAPAction header field. The unauthenticated remote attacker can execute the shell command...

CVE-2025-60701

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub433188 function in prog.cgi stores user-supplied email configuration parameters EmailFrom, EmailTo, SMTPServerAddress, SMTPServerPort, AccountName in NVRAM v...

VulnCheck KEV: CVE-2016-15048

AMTT Hotel Broadband Operation System HiBOS contains an unauthenticated command injection vulnerability in the /manager/radius/serverping.php endpoint. The application constructs a shell command that includes the user-supplied ip parameter and executes it without proper validation or escaping. An...

BESTWOND Intelligent Flow Control Router 安全漏洞

BESTWOND Intelligent Flow Control Router is an intelligent flow control router from China's BESTWOND. A security vulnerability exists in the BESTWOND Intelligent Flow Control Router that stems from not properly validating the path parameter and displaying it back to the shell environment, which...

EUVD-2017-12913

Malware in sbrugna...

EUVD-2017-15761

Malware in sbrugna...

EUVD-2020-27022

Malware in sbrugna...

EUVD-2005-1853

Malware in sbrugna...

EUVD-2017-7848

Malware in sbrugna...

EUVD-2016-6813

Malware in sbrugna...

EUVD-2019-4881

Malware in sbrugna...

EUVD-2018-0382

Malware in sbrugna...

EUVD-2022-1412

Malicious code in bioql PyPI...

EUVD-2023-2925

Malicious code in bioql PyPI...

EUVD-2022-15520

Malicious code in bioql PyPI...

EUVD-2022-52946

Malicious code in bioql PyPI...

EUVD-2024-0536

Malicious code in bioql PyPI...

CVE-2025-57633

A command injection vulnerability in FTP-Flask-python through 5173b68 allows unauthenticated remote attackers to execute arbitrary OS commands. The /ftp.html endpoint's "Upload File" action constructs a shell command from the ftpfile parameter and executes it using os.system without sanitization ...