EUVD-2024-38391

Malicious code in bioql PyPI...

EUVD-2024-50523

Malicious code in bioql PyPI...

EUVD-2022-30588

Malicious code in bioql PyPI...

EUVD-2022-52249

Malicious code in bioql PyPI...

EUVD-2022-48826

Malicious code in bioql PyPI...

EUVD-2021-33133

Malicious code in bioql PyPI...

EUVD-2023-50108

Malicious code in bioql PyPI...

EUVD-2022-36370

Malicious code in bioql PyPI...

EUVD-2025-23819

Malicious code in bioql PyPI...

EUVD-2025-8021

Malicious code in bioql PyPI...

EUVD-2024-38359

Malicious code in bioql PyPI...

EUVD-2021-28411

Malicious code in bioql PyPI...

DELL Cloud Disaster Recovery OS Command Injection Vulnerability

DELL Cloud Disaster Recovery is a cloud disaster recovery solution provided by Dell Technologies. DELL Cloud Disaster Recovery suffers from an OS command injection vulnerability that stems from improper neutralization of special elements in OS commands, which can be exploited by an attacker to...

TOTOLINK X6000R Operating System Command Injection Vulnerability

The TOTOLINK X6000R is a wireless router from TOTOLINK. An operating system command injection vulnerability exists in TOTOLINK X6000R V9.4.0cu.1458B20250708 and prior versions, which stems from a failure to properly filter special elements in user input. An attacker can exploit this vulnerability...

CVE-2025-59815

This vulnerability allows malicious actors to execute arbitrary commands on the underlying system of the Zenitel ICX500 and ICX510 Gateway, granting shell access. Exploitation can compromise the device’s availability, confidentiality, and integrity...

CVE-2025-59844

SonarQube Server and Cloud is a static analysis solution for continuous code quality and security inspection. A command injection vulnerability exists in SonarQube GitHub Action in version 4.0.0 to before version 6.0.0 when workflows pass user-controlled input to the args parameter on Windows...

GHSA-5XQ9-5G24-4G6F Argument injection vulnerability in SonarQube Scan Action

A command injection vulnerability exists in SonarQube GitHub Action prior to v6.0.0 when workflows pass user-controlled input to the args parameter on Windows runners without proper validation. This vulnerability bypasses a previous security fix and allows arbitrary command execution, potentially...

Docker Desktop 安全漏洞

Docker Desktop is a desktop software for lightweight deployment of applications based on container technology from Docker Inc. in the United States. The product provides a desktop environment that supports creating a container lightweight virtual machine and deploying and running applications on...

Zenitel ICX500和Zenitel ICX510 安全漏洞

Zenitel ICX500 and Zenitel ICX510 are both communication and control platforms from Zenitel Norway. A security vulnerability exists in the Zenitel ICX500 and Zenitel ICX510 that originates from an attacker being able to execute arbitrary commands that could result in full control of the device...

D-Link DIR-823X Command Injection Vulnerability (CNVD-2025-23469)

The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command injection vulnerability due to a flaw in the /usr/sbin/goahead file. An attacker can exploit this vulnerability to execute arbitrary commands on the system...