1819 matches found
CVE-2025-0593
The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by using lower-level functions to interact with the device...
CVE-2025-0593
The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by using lower-level functions to interact with the device...
CVE-2025-0593
CVE-2025-0593 affects SICK Lector8xx and SICK InspectorP8xx. A remote, low-privilege attacker can cause the device to run arbitrary shell commands by using lower-level functions to interact with the hardware. Several sources identify the affected products and note the vulnerability exists in olde...
Vulnerability in SICK Lector8xx and SICK InspectorP8xx
SICK has found two vulnerabilities that affect the SICK Lector8xx and SICK InspectorP8xx. The vulnerabilities may allow a remote low priviledged attacker to run arbitrary shell commands by manipulating the firmware file or executing low-level functions. SICK is currently not aware of any public...
PT-2025-6795 · Sick · Sick Inspectorp8Xx +1
Name of the Vulnerable Software and Affected Versions: SICK Lector8xx affected versions not specified SICK InspectorP8xx affected versions not specified Description: The issue may allow a remote low privileged attacker to run arbitrary shell commands by using lower-level functions to interact wit...
PT-2025-6794 · Sick · Sick Lector8Xx
Name of the Vulnerable Software and Affected Versions: SICK Lector8xx affected versions not specified Description: The issue may allow a remote low privileged attacker to run arbitrary shell commands by manipulating the firmware file and uploading it to the device. Recommendations: At the moment,...
SICK Lector8xx和SICK InspectorP8xx 安全漏洞
SICK Lector8xx and SICK InspectorP8xx are both products of SICK Germany.SICK Lector8xx is a 2D laser scanning barcode reader.SICK InspectorP8xx is a high performance 2D laser scanning sensor. A security vulnerability exists in SICK InspectorP8xx versions prior to 3.11.1 and SICK Lector8xx version...
SICK InspectorP8xx和SICK Lector8xx 安全漏洞
SICK Lector8xx and SICK InspectorP8xx are both products of SICK Germany.SICK Lector8xx is a 2D laser scanning barcode reader.SICK InspectorP8xx is a high performance 2D laser scanning sensor. A security vulnerability exists in SICK InspectorP8xx versions prior to 3.11.1 and SICK Lector8xx version...
AZL-56713 CVE-2025-1244 affecting package emacs for versions less than 29.4-2
A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect...
CVE-2025-24499
A vulnerability has been identified in SCALANCE WAB762-1 6GK5762-1AJ00-6AA0 All versions V3.0.0, SCALANCE WAM763-1 6GK5763-1AL00-7DA0 All versions V3.0.0, SCALANCE WAM763-1 ME 6GK5763-1AL00-7DC0 All versions V3.0.0, SCALANCE WAM763-1 US 6GK5763-1AL00-7DB0 All versions V3.0.0, SCALANCE WAM766-1...
PT-2025-6203 · Siemens · Scalance Wam766-1 +4
Name of the Vulnerable Software and Affected Versions: SCALANCE WAB762-1 versions prior to V3.0.0 SCALANCE WAM763-1 versions prior to V3.0.0 SCALANCE WAM763-1 ME versions prior to V3.0.0 SCALANCE WAM763-1 US versions prior to V3.0.0 SCALANCE WAM766-1 versions prior to V3.0.0 SCALANCE WAM766-1 ME...
Siemens SCALANCE Series 输入验证错误漏洞
The Siemens SCALANCE Series is a family of industrial communication devices from Siemens Germany. An input validation error vulnerability exists in the Siemens SCALANCE Series, which arises from an affected device not properly validating input when loading a configuration file. This could allow a...
Azure Linux 3.0 Security Update: perl-Module-ScanDeps (CVE-2024-10224)
The version of perl-Module-ScanDeps installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-10224 advisory. - Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, befor...
CVE-2019-5029
An exploitable command injection vulnerability exists in the Config editor of the Exhibitor Web UI versions 1.0.9 to 1.7.1. Arbitrary shell commands surrounded by backticks or $ can be inserted into the editor and will be executed by the Exhibitor process when it launches ZooKeeper. An attacker c...
CVE-2024-6091
A vulnerability in significant-gravitas/autogpt version 0.5.1 allows an attacker to bypass the shell commands denylist settings. The issue arises when the denylist is configured to block specific commands, such as 'whoami' and '/bin/whoami'. An attacker can circumvent this restriction by executin...
The vulnerability of the AutoGPT library, related to its failure to take measures to neutralize special elements, allows a violator to bypass the restrictions on shell commands.
The vulnerability of the AutoGPT library is related to the failure to take measures to neutralize certain elements. Exploiting this vulnerability allows a remote attacker to bypass the restrictions in the botnet’s command list...
CVE-2025-24364
vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwardenrs. Attacker with authenticated access to the vaultwarden admin panel can execute arbitrary code in the system. The attacker could then change some settings to use sendmail as mail agent but adjus...
CVE-2024-48418
In Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06, the request /goform/fromSetDDNS does not properly handle special characters in any of user provided parameters, allowing an attacker with access to the web interface to inject and execute arbitrary shell commands...
CVE-2024-48418
In Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06, the request /goform/fromSetDDNS does not properly handle special characters in any of user provided parameters, allowing an attacker with access to the web interface to inject and execute arbitrary shell commands...
CVE-2025-23196
CVE-2025-23196 describes a code injection vulnerability in the Ambari Alert Definition feature. An authenticated user can exploit the vulnerability when defining alert scripts, where the script filename field is executed via sh -c , enabling remote command execution on the server. Multiple connec...