214 matches found
CVE-2023-25911
The Danfoss AK-EM100 web applications allow for an authenticated user to perform OS command injection through the web application parameters...
EUVD-2006-4297
Malware in sbrugna...
EUVD-2016-8835
Malware in sbrugna...
EUVD-2023-29800
Malicious code in bioql PyPI...
EUVD-2023-50990
Malicious code in bioql PyPI...
EUVD-2025-13996
Malicious code in bioql PyPI...
EUVD-2025-25499
Malicious code in bioql PyPI...
EUVD-2023-29799
Malicious code in bioql PyPI...
EUVD-2025-25498
Malicious code in bioql PyPI...
EUVD-2023-26722
Malicious code in bioql PyPI...
ak-frame-extractor (>=1.0.0 <=1.3.0), ak-video-analyser (=0.0.2) +111 more potentially affected by CVE-2025-59042 via pyinstaller (>=3.0.0 <=5.9.0)
pyinstaller PYPI version =3.0.0, =1.0.0, =0.2.4, =0.1.0, =0.2.0, =0.0.25, =0.1.0, =0.1.0, =0.99.6.2, =0.1.0, =0.3.0, =0.6.0 and more Source cves: CVE-2025-59042 Source advisory: OSV:GHSA-P2XP-XX3R-MFFC...
CVE-2025-41451
Improper neutralization of alarm-to-mail configuration fields used in an OS shell Command 'Command Injection' in Danfoss AK-SM8xxA Series prior to version 4.3.1, leading to a potential post-authenticated remote code execution on an attacked system...
CVE-2025-41452
Post-authenticated external control of system web interface configuration setting vulnerability in Danfoss AK-SM8xxA Series prior to 4.3.1, which could allow for a denial of service attack induced by improper handling of exceptional conditions...
CVE-2025-41452
Post-authenticated external control of system web interface configuration setting vulnerability in Danfoss AK-SM8xxA Series prior to 4.3.1, which could allow for a denial of service attack induced by improper handling of exceptional conditions...
CVE-2025-41451
Improper neutralization of alarm-to-mail configuration fields used in an OS shell Command 'Command Injection' in Danfoss AK-SM8xxA Series prior to version 4.3.1, leading to a potential post-authenticated remote code execution on an attacked system...
CVE-2025-41452 Post auth nginx configuration injection in Danfoss AK-SM8xxA Series
Post-authenticated external control of system web interface configuration setting vulnerability in Danfoss AK-SM8xxA Series prior to 4.3.1, which could allow for a denial of service attack induced by improper handling of exceptional conditions...
CVE-2025-41452
Danfoss AK-SM8xxA Series before 4.3.1 contains a post-authenticated external control of the system Web interface configuration, with improper handling of exceptional conditions that could cause a DoS. CVSS 6.8 (Network, high attack complexity, high impact on availability). Remediation: update to ...
CVE-2025-41452 Post auth nginx configuration injection in Danfoss AK-SM8xxA Series
Post-authenticated external control of system web interface configuration setting vulnerability in Danfoss AK-SM8xxA Series prior to 4.3.1, which could allow for a denial of service attack induced by improper handling of exceptional conditions...
CVE-2025-41451 Post-Authentication OS Command Injection RCE in Danfoss AK-SM8xxA Series
Improper neutralization of alarm-to-mail configuration fields used in an OS shell Command 'Command Injection' in Danfoss AK-SM8xxA Series prior to version 4.3.1, leading to a potential post-authenticated remote code execution on an attacked system...
CVE-2025-41451
CVE-2025-41451 affects Danfoss AK-SM8xxA Series prior to version 4.3.1. Root cause: improper neutralization of alarm-to-mail configuration fields in an OS shell command, enabling post-authenticated remote code execution on the attacked system. Impact: remote code execution with high severity; att...