1819 matches found

RedhatCVE
added 2025/05/22 3:41 a.m. · 8 views

CVE-2019-10891

An issue was discovered in D-Link DIR-806 devices. There is a command injection in function hnapmain, which calls system without checking the parameter that can be controlled by user, and finally allows remote attackers to execute arbitrary shell commands with a special HTTP header...

CVSS 10 · AI score 8.4 · EPSS 0.19442
Exploits: 1 · References: 1

Positive Technologies
added 2025/05/22 12:0 a.m. · 3 views

PT-2025-22514 · Sangoma +1 · Asterisk +2

Name of the Vulnerable Software and Affected Versions: Asterisk versions prior to 18.26.2; Asterisk versions prior to 20.14.1; Asterisk versions prior to 21.9.1; Asterisk versions prior to 22.4.1; certified-asterisk versions prior to 18.9-cert14; certified-asterisk versions prior to 20.7-cert5...

CVSS 7.7 · AI score 6.7 · EPSS 0.00414
Exploits: 2 · References: 17

RedhatCVE
added 2025/05/21 7:45 p.m. · 11 views

CVE-2005-3056

TWiki allows arbitrary shell command execution via the Include function...

CVSS 9.8 · AI score 7.4 · EPSS 0.03212
Exploits: 0 · References: 1

CNVD
added 2025/05/12 12:0 a.m. · 7 views

SonicWall SMA100 SSL-VPN Remote Command Injection Vulnerability

The SonicWall SMA100 is a secure access gateway appliance from SonicWall USA. An input validation vulnerability exists in the SonicWall SMA100 SSL-VPN, which can be exploited by a remote attacker to submit a special request that can inject shell commands, upload files, and execute arbitrary...

CVSS 7.2 · AI score 7.9 · EPSS 0.29415
Exploits: 0 · References: 1

Redos
added 2025/04/30 12:0 a.m. · 46 views

ROS-20250430-06

A vulnerability in the vim text editor function is related to the execution of shell commands via specially crafted tar archives. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

CVSS 7.1 · AI score 7.8 · EPSS 0.20775
Exploits: 0

Positive Technologies
added 2025/04/15 12:0 a.m. · 6 views

PT-2025-31839

Name of the Vulnerable Software and Affected Versions: Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02. Description: An unauthenticated OS command injection vulnerability exists in the device. When configuring the device in Extender mode via its captive portal, the extap2g SSID field is...

CVSS 9.4 · AI score 7.8 · EPSS 0.01106
Exploits: 0 · References: 12

Tenable Nessus
added 2025/04/11 12:0 a.m. · 7 views

EulerOS 2.0 SP11 : emacs (EulerOS-SA-2025-1354)

According to the versions of the emacs package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands o...

CVSS 8.8 · AI score 8.2 · EPSS 0.02679
Exploits: 0 · References: 2

Tenable Nessus
added 2025/04/11 12:0 a.m. · 7 views

EulerOS 2.0 SP11 : emacs (EulerOS-SA-2025-1353)

According to the versions of the emacs package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands o...

CVSS 8.8 · AI score 8.2 · EPSS 0.02679
Exploits: 0 · References: 2

RedhatCVE
added 2025/03/31 2:39 p.m. · 16 views

CVE-2022-37061

All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. A successful exploit could allow th...

CVSS 9.8 · AI score 9.7 · EPSS 0.99618
Exploits: 9 · References: 1

Positive Technologies
added 2025/03/25 12:0 a.m. · 4 views

PT-2025-27473 · Unknown · Filebrowser

Name of the Vulnerable Software and Affected Versions: File Browser versions prior to 2.33.10. Description: The issue affects the implementation of the allowlist in File Browser, allowing unauthorized execution of shell commands. The impact depends on the configured commands and installed binaries...

CVSS 8 · AI score 6.6 · EPSS 0.00513
Exploits: 1 · References: 17

Amazon
added 2025/03/06 12:0 a.m. · 5 views

Important: emacs

Issue Overview: A flaw was found in the Emacs text editor. Improper handling of custom "man" URI schemes allows attackers to execute arbitrary shell commands by tricking users into visiting a specially crafted website or an HTTP URL with a redirect. CVE-2025-1244 Affected Packages: emacs Issue...

CVSS 8.8 · AI score 8.9 · EPSS 0.02679
Exploits: 0

Tenable Nessus
added 2025/03/05 12:0 a.m. · 7 views

Linux Distros Unpatched Vulnerability : CVE-2023-32700

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.l...

CVSS 8.8 · AI score 7.8 · EPSS 0.00804
Exploits: 0 · References: 2

Tenable Nessus
added 2025/03/04 12:0 a.m. · 4 views

FreeBSD : vim -- Potential code execution (398d1ec1-f7e6-11ef-bb15-002590af0794)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 398d1ec1-f7e6-11ef-bb15-002590af0794 advisory. vim reports: Potential code execution with tar.vim and special crafted tar files Vim is distributed wit...

AI score 6.2
Exploits: 0 · References: 2

OSV
added 2025/03/03 5:15 p.m. · 2 views

DEBIAN-CVE-2025-27423

Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of compressed or uncompressed tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor position, however the i...

CVSS 7.1 · AI score 6.1 · EPSS 0.20775
Exploits: 0 · References: 1

NVD
added 2025/03/03 5:15 p.m. · 14 views

CVE-2025-27423

Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of compressed or uncompressed tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor position, however the i...

CVSS 7.1 · EPSS 0.20775
Exploits: 0 · References: 4

CVE
added 2025/03/03 4:30 p.m. · 100 views

CVE-2025-27423

CVE-2025-27423 affects Vim (tar.vim plugin). Starting with Vim 9.1.0858, tar.vim uses the :read ex command to append below the cursor; input is not sanitized and is taken literally from the tar archive, allowing shell command execution via specially crafted archives (exploitation depends on the s...

CVSS 7.1 · AI score 7.5 · EPSS 0.20775
Exploits: 0 · References: 4 · Affected Software: 1

Vulnrichment
added 2025/03/03 4:30 p.m. · 10 views

CVE-2025-27423 Improper Input Validation in Vim

Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of compressed or uncompressed tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor position, however the i...

CVSS 7.1 · AI score 7.3 · EPSS 0.20775
Exploits: 0 · References: 3

GithubExploit
added 2025/02/25 2:52 p.m. · 396 views

Exploit for Command Injection in Materialsvirtuallab Pymatgen

A Rust exploitation script for CVE-2024-23346. As shown below t...

CVSS 9.3 · AI score 7.7 · EPSS 0.03816
Exploits: 8

OSV
added 2025/02/21 1:36 p.m. · 3 views

OESA-2025-1165 emacs security update

Emacs is the extensible, customizable, self-documenting real-time display editor. At its core is an interpreter for Emacs Lisp, a dialect of the Lisp programming language with extensions to support text editing. And it is an entire ecosystem of functionality beyond text editing, including a proje...

CVSS 8.8 · AI score 8 · EPSS 0.02679
Exploits: 0 · References: 2

RedhatCVE
added 2025/02/16 8:20 p.m. · 4 views

CVE-2025-0592

The vulnerability may allow a remote low privileged attacker to run arbitrary shell commands by manipulating the firmware file and uploading it to the device...

CVSS 8.8 · AI score 7.3 · EPSS 0.00332
Exploits: 0 · References: 8