EUVD-2026-3129

A vulnerability was found in bastillion-io Bastillion up to 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be...

CVE-2026-1064 bastillion-io Bastillion System Management SystemKtrl.java command injection

A vulnerability was found in bastillion-io Bastillion up to 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be...

CVE-2026-1064

A vulnerability was found in bastillion-io Bastillion up to 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be...

CVE-2026-1064 bastillion-io Bastillion System Management SystemKtrl.java command injection

A vulnerability was found in bastillion-io Bastillion up to 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be...

CVE-2026-1064

Summary of CVE-2026-1064 (bastillion-io Bastillion) Affects Bastillion up to version 4.0.1 in the System Management Module, specifically the SystemKtrl.java component. The vulnerability arises from a manipulation of the file path src/main/java/io/bastillion/manage/control/SystemKtrl.java, leading...

PT-2026-3371

A vulnerability was found in bastillion-io Bastillion up to 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be...

Bastillion command injection vulnerability

Bastillion is an open-source key management tool developed by bastillion-io. Versions of Bastillion 4.0.1 and earlier contained a command injection vulnerability. This vulnerability stemmed from incorrect operations on the System Management Module component in the file...

pig 安全漏洞

pig is a privilege management system of pig-mesh open source. A security vulnerability exists in pig 3.8.2 and earlier versions. The vulnerability stems from an improper privilege validation issue in the token query interface /api/admin/sys-token/page of the token management function in the syste...

EUVD-2018-20687

Malware in sbrugna...

EUVD-2018-7952

Malware in sbrugna...

EUVD-2018-7951

Malware in sbrugna...

EUVD-2018-20686

Malware in sbrugna...

EUVD-2021-27091

Malware in sbrugna...

EUVD-2018-7949

Malware in sbrugna...

CVE-2021-3897

An authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware during an that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected...

CVE-2021-3849

An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected...

System Management Module (SMM v1 and v2) and Fan Power Controller (FPC) Vulnerabilities - Lenovo Support US

No description provided...

PT-2024-3581 · Lenovo · Thinkagile +3

Name of the Vulnerable Software and Affected Versions: Lenovo ThinkSystem, ThinkAgile, NeXtScale, and Lenovo CP-CB-10 affected versions not specified SMM/SMM2 and FPC affected versions not specified Description: A command injection issue was identified in the System Management Module SMM/SMM2 and...

PT-2024-3582 · Lenovo · Thinkagile +3

Name of the Vulnerable Software and Affected Versions: Lenovo ThinkSystem, ThinkAgile, NeXtScale, and Lenovo CP-CB-10 affected versions not specified Description: The issue is related to an authentication bypass vulnerability in the System Management Module SMM/SMM2 and Fan Power Controller FPC...

CVE-2023-2993

A valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limited number of commands on SMM v1, SMM v2, and FPC that the user does not normally have sufficient privileges to execute...