86 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: virtio-pci: The size of the result returned for the admin command completion has been corrected. The result size returned by virtiopciadmindevpartsget is 8 bytes larger than the actual result data size. This occurs because the...
CVE-2026-31493
A flaw was found in the Linux kernel's RDMA/efa component. When an admin command completes with an error during admin queue completion handling, the system attempts to print data from a completion context that has already been freed. This use-after-free vulnerability can lead to the disclosure of...
CVE-2026-29109
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions up to and including 8.9.2 contain an unsafe deserialization vulnerability in the SavedSearch filter processing component that allows an authenticated administrator to execute arbitrary...
TP-Link多款产品 安全漏洞
TP-LINK Archer is a series of routers produced by TP-LINK Corporation. Several TP-Link products have security vulnerabilities. These vulnerabilities stem from improper handling of Modem Management CLI command inputs. This could allow authenticated attackers with administrative privileges to execu...
PT-2026-27163
Improper input handling in a wireless-control administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privileges may execute arbitrary commands on the...
CVE-2026-29109 SuiteCRM Authenticated Remote Code Execution via Unsafe Deserialization in SavedSearch Filter Processing
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions up to and including 8.9.2 contain an unsafe deserialization vulnerability in the SavedSearch filter processing component that allows an authenticated administrator to execute arbitrary...
CVE-2025-26787
An error in the SignServer container startup logic was found in Keyfactor SignServer versions prior to 7.2. The Admin CLI command used to configure Certificate access to the initial startup of the container sets a property of "allowany" to allow any user with a valid and trusted client auth...
CVE-2025-26787
An error in the SignServer container startup logic was found in Keyfactor SignServer versions prior to 7.2. The Admin CLI command used to configure Certificate access to the initial startup of the container sets a property of "allowany" to allow any user with a valid and trusted client auth...
CVE-2025-64446
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTT...
CVE-2025-64446
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTT...
CVE-2025-64446
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTT...
CVE-2025-64446
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTT...
CVE-2025-64446
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTT...
CVE-2025-62577
ETERNUS SF by Fsas Technologies Inc. is affected by an incorrect default permissions (CWE-276) vulnerability. A low-privileged user with access to the management server may obtain database credentials and could potentially execute OS commands with administrator privileges . The issue is associate...
CVE-2025-59978
CVE-2025-59978 is a Cross-Site Scripting vulnerability in Juniper Networks Junos Space (pre-24.1R4). The issue arises from improper neutralization of input during web page generation, allowing an attacker to store script tags in web pages that, when viewed by another user, can execute commands wi...
EUVD-2020-25324
Malware in sbrugna...
EUVD-2007-0313
Malware in sbrugna...
EUVD-2023-23945
Malicious code in bioql PyPI...
SUSE CVE-2025-38314
In the Linux kernel, the following vulnerability has been resolved: virtio-pci: Fix result size returned for the admin command completion The result size returned by virtiopciadmindevpartsget is 8 bytes larger than the actual result data size. This occurs because the resultsgsize field of the...
CVE-2025-38314
In the Linux kernel, the following vulnerability has been resolved: virtio-pci: Fix result size returned for the admin command completion The result size returned by virtiopciadmindevpartsget is 8 bytes larger than the actual result data size. This occurs because the resultsgsize field of the...