The vulnerability of the BufWinLeave function in the Vim text editor allows a hacker to execute arbitrary commands.

The vulnerability of the BufWinLeave function in the Vim text editor is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary commands...

Mitel MiCollab Command Injection Vulnerability

Mitel MiCollab is an enterprise-grade unified communications solution that supports voice, video and messaging communications capabilities. A command injection vulnerability exists in Mitel MiCollab version 9.8.0.33, which can be exploited by an attacker to execute arbitrary system commands...

The vulnerability in the `usb_remote_smb_conf.cgi` script of NETGEAR XR1000 Wi-Fi routers allows a hacker to execute arbitrary commands.

The vulnerability in the usbremotesmbconf.cgi script of NETGEAR XR1000 Wi-Fi routers lies in the lack of measures for sanitizing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using the sharename parameter...

EnGenius ENH1350EXT 安全漏洞

The EnGenius ENH1350EXT is an outdoor wireless access point from EnGenius. A security vulnerability exists in EnGenius ENH1350EXT version 3.9.3.2c1.9.51 and prior versions. An attacker can exploit the vulnerability to execute arbitrary operating system commands with root privileges...

CVE-2024-20275

A vulnerability in the cluster backup feature of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. This vulnerability is due to...

Cisco Secure Firewall Management Center 安全漏洞

Cisco Secure Firewall Management Center is a security firewall management software from Cisco. A security vulnerability exists in the Cisco Secure Firewall Management Center WEB interface, which can be exploited by remote attackers to submit a special request that can execute arbitrary commands i...

Cisco Secure Firewall Management Center 安全漏洞

Cisco Secure Firewall Management Center is a powerful network security management tool from Cisco USA. A security vulnerability exists in Cisco Secure Firewall Management Center that stems from insufficient validation of user data provided through the web-based management interface. An attacker...

CVE-2024-49368

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.0.0-beta.36, when Nginx UI configures logrotate, it does not verify the input and directly passes it to exec.Command, causing arbitrary command execution. Version 2.0.0-beta.36 fixes this issue...

CVE-2024-49368 Unchecked logrotate settings lead to arbitrary command execution

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.0.0-beta.36, when Nginx UI configures logrotate, it does not verify the input and directly passes it to exec.Command, causing arbitrary command execution. Version 2.0.0-beta.36 fixes this issue...

CVE-2024-49368 Unchecked logrotate settings lead to arbitrary command execution

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.0.0-beta.36, when Nginx UI configures logrotate, it does not verify the input and directly passes it to exec.Command, causing arbitrary command execution. Version 2.0.0-beta.36 fixes this issue...

CVE-2024-49368 Unchecked logrotate settings lead to arbitrary command execution

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.0.0-beta.36, when Nginx UI configures logrotate, it does not verify the input and directly passes it to exec.Command, causing arbitrary command execution. Version 2.0.0-beta.36 fixes this issue...

D-Link DIR-878 and D-Link DIR-882 Command Injection Vulnerability

The D-Link DIR-878 is a wireless router.The D-Link DIR-882 is a dual-band wireless router. A command injection vulnerability exists in the D-Link DIR-878 and D-Link DIR-882, which can be exploited by an attacker to execute arbitrary operating system commands via a constructed POST request...

D-Link DIR-878 and D-Link DIR-882 Command Injection Vulnerability (CNVD-2024-41700)

The D-Link DIR-878 is a wireless router.The D-Link DIR-882 is a dual-band wireless router. A command injection vulnerability exists in the D-Link DIR-878 and D-Link DIR-882, which can be exploited by an attacker to execute arbitrary operating system commands via a crafted POST request...

D-Link DIR-878 and D-Link DIR-882 Command Injection Vulnerabilities (CNVD-2024-41698)

The D-Link DIR-878 is a wireless router.The D-Link DIR-882 is a dual-band wireless router. A command injection vulnerability exists in the D-Link DIR-878 and D-Link DIR-882, which can be exploited by an attacker to execute arbitrary operating system commands via a constructed POST request...

Mitel MiCollab和Mitel MiVoice 代码注入漏洞

Mitel MiCollab and Mitel MiVoice are both products of Mitel Canada.Mitel MiCollab is a mobile application that provides voice, video, messaging, audio conferencing, and team collaboration for employees.Mitel MiVoice is an IP-capable telephone. A security vulnerability exists in Mitel MiCollab...

D-Link DIR-878 and D-Link DIR-882 Command Injection Vulnerabilities (CNVD-2024-41697)

The D-Link DIR-878 is a wireless router.The D-Link DIR-882 is a dual-band wireless router. A command injection vulnerability exists in the D-Link DIR-878 and D-Link DIR-882, which can be exploited by an attacker to execute arbitrary operating system commands via a constructed POST request...

D-Link DIR-878 and D-Link DIR-882 Command Injection Vulnerability (CNVD-2024-41695)

The D-Link DIR-878 is a wireless router.The D-Link DIR-882 is a dual-band wireless router. A command injection vulnerability exists in the D-Link DIR-878 and D-Link DIR-882, which can be exploited by an attacker to execute arbitrary operating system commands via a constructed POST request...

D-Link DIR-878 and D-Link DIR-882 Command Injection Vulnerability (CNVD-2024-41699)

The D-Link DIR-878 is a wireless router.The D-Link DIR-882 is a dual-band wireless router. A command injection vulnerability exists in the D-Link DIR-878 and D-Link DIR-882, which can be exploited by an attacker to execute arbitrary operating system commands via a constructed POST request...

Adobe Digital Editions < 4.5.11.187658 Multiple Vulnerabilities (APSB21-80) (macOS)

The version of Adobe Digital Editions installed on the remote macOS host is prior to 4.5.11.187658. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB21-80 advisory. - Adobe Digital Editions 4.5.11.187646 and earlier are affected by an arbitrary command execution...

NETGEAR R7000 Command Injection Vulnerability

The NETGEAR R7000 is a wireless router from NETGEAR. The NETGEAR R7000 version 1.0.11.136 suffers from a command injection vulnerability that stems from the devicename2 parameter failing to correctly filter constructed command special characters, commands, and so on. An attacker could exploit thi...