Npm Kill-Process-By-Name 命令注入漏洞

Npm Kill-Process-By-Name is an application from Npm, Inc. that kills all processes of a program using the program name. It kills all processes of a program using the program name. A security vulnerability exists in kill-process-by-name, which can be exploited by an attacker to execute arbitrary...

CVE-2021-26963

A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform versions: Prior to 8.2.12.0. Vulnerabilities in the AirWave CLI could allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could...

CVE-2021-26970

A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform versions: Prior to 8.2.12.0. Vulnerabilities in the AirWave web-base management interface could allow remote authenticated users to run arbitrary commands on the underlying host. A...

Command injection

A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform versions: Prior to 8.2.12.0. Vulnerabilities in the AirWave CLI could allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could...

CVE-2021-26963

A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform versions: Prior to 8.2.12.0. Vulnerabilities in the AirWave CLI could allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could...

CVE-2021-26962

Aruba AirWave Management Platform CLI vulnerability (CVE-2021-26962) affects versions prior to 8.2.12.0. A remote authenticated user can exploit the AirWave CLI to execute arbitrary commands on the underlying host as root, leading to full system compromise. Impact and exploitability are consisten...

EPrints Remote Code Execution Vulnerability

EPrints is a free open source software package for building open access repositories compliant with the OAI-PMH protocol. A remote code execution vulnerability exists in EPrints 3.4.2. A remote attacker can exploit this vulnerability by entering specially crafted data into the verb parameter in t...

CVE-2021-27878

An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to ga...

CVE-2021-27878

An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to ga...

The vulnerability in the Junos operating system’s license-check mechanism allows a perpetrator to execute arbitrary commands with root privileges.

The vulnerability of the Junos operating system’s license-check mechanism is related to the failure to implement measures to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands with root privileges...

Arbitrary Command Execution

nuance-gulp-build-common is vulnerable to arbitrary command execution. The run function allows an attacker to execute arbitrary commands on the host OS...

Arbitrary Command Execution Vulnerability in NPE Network Egress Engine System of Ruijie Networks Co.

Ltd. is a company mainly engaged in information system integration services; Internet virtual private network services; Internet management services and other items. An arbitrary command execution vulnerability exists in the NPE network egress engine system of Ruijie Networks Co. An attacker can...

Arbitrary Command Execution Vulnerability in the Wireless SmartWeb Management System of Ruijie Networks Co.

Ruijie Networks Co., Ltd. is a professional network manufacturer with a full range of network equipment product lines and solutions, including switches, routers, software, security firewalls, wireless products and storage. An arbitrary command execution vulnerability exists in the wireless SmartW...

Command Injection Vulnerability in DrayTek Vigor 2960/3900/300B VPN Firewalls

The DrayTek Vigor Series routers are dual WAN port security firewall routers designed for mid-sized businesses. A command injection vulnerability exists in the DrayTek Vigor 2960/3900/300B VPN Firewall, which can be exploited by an attacker to execute arbitrary commands to gain privileges on the...

RACOM M!DGE OS Command Injection Vulnerability

The RACOM M!DGE is a cellular router designed for SCADA and telemetry mission-critical applications and is ideally suited for many different wireless applications. An OS command injection vulnerability exists in the RACOM M!DGE firmware version 4.4.40.105. An attacker can exploit this vulnerabili...

CVE-2021-22855

The specific function of HR Portal of Soar Cloud System accepts any type of object to be deserialized. Attackers can send malicious serialized objects to execute arbitrary commands...

Changjia Financial Management System Code Issue Vulnerability

Changjia Changjia Financial Management System is an application software of China Changjia Company. It provides financial management functions. A code issue vulnerability exists in the Changjia Financial Management System. An attacker can access the CGE account management function without...

Secomea GateManager Security Vulnerability

A security vulnerability exists in Secomea GateManager all versions prior to 9.3, which can be exploited by an attacker to run arbitrary commands on a victim's computer...

Racom 安全漏洞

The RACOM M!DGE is a cellular router designed for SCADA and telemetry mission-critical applications and is ideally suited for many different wireless applications. An OS command injection vulnerability exists in the RACOM M!DGE firmware version 4.4.40.105. An attacker can exploit this vulnerabili...

Webmin < 1.970 Multiple Vulnerabilities

According to its self-reported version, the version of Webmin running on the remote host may be affected by multiple vulnerabilities, including the following: - Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package Updates module can execute arbitrary...