Ubuntu: Security Advisory (USN-8079-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Chamilo check_parse_lang.php file OS command injection vulnerability

Chamilo is a learning management system open source by Chamilo. Chamilo checkparselang.php file has an operating system command injection vulnerability that can be exploited by an attacker to cause arbitrary command execution...

CVE-2026-30861

Technical details about CVE-2026-30861 are not provided in the connected documents. The initial description mentions the vulnerability and patch, but no deeper technical specifics. Monitor for updates and rely on official advisories for remediation.

Chamilo 代码问题漏洞

Chamilo is an open-source learning management system developed by Chamilo. Versions of Chamilo prior to 1.11.34 contained code vulnerabilities. These vulnerabilities stemmed from improper validation of uploaded files, which could allow low-privilege users who are authenticated to upload specially...

USN-8079-1: less vulnerability

It was discovered that less incorrectly handled certain file names. An attacker could possibly use this issue to cause a denial of service or execute arbitrary commands...

USN-8079-1 less vulnerability

It was discovered that less incorrectly handled certain file names. An attacker could possibly use this issue to cause a denial of service or execute arbitrary commands...

USN-8078-1 zutty vulnerability

Carter Sande discovered that Zutty did not correctly echo invalid input to the console on DECRQSS. An attacker could possibly use this issue to execute arbitrary commands...

CVE-2026-29610

OpenClaw versions prior to 2026.2.14 contain a command hijacking vulnerability that allows attackers to execute unintended binaries by manipulating PATH environment variables through node-host execution or project-local bootstrapping. Attackers with authenticated access to node-host execution...

CVE-2026-29610

OpenClaw versions prior to 2026.2.14 contain a command hijacking vulnerability that allows attackers to execute unintended binaries by manipulating PATH environment variables through node-host execution or project-local bootstrapping. Attackers with authenticated access to node-host execution...

CVE-2026-28470

OpenClaw versions prior to 2026.2.2 contain an exec approvals must be enabled allowlist bypass vulnerability that allows attackers to execute arbitrary commands by injecting command substitution syntax. Attackers can bypass the allowlist protection by embedding unescaped $ or backticks inside...

EUVD-2026-9934

OpenClaw versions prior to 2026.2.14 contain a command hijacking vulnerability that allows attackers to execute unintended binaries by manipulating PATH environment variables through node-host execution or project-local bootstrapping. Attackers with authenticated access to node-host execution...

CVE-2026-28470

OpenClaw versions prior to 2026.2.2 contain an exec approvals must be enabled allowlist bypass vulnerability that allows attackers to execute arbitrary commands by injecting command substitution syntax. Attackers can bypass the allowlist protection by embedding unescaped $ or backticks inside...

Exploit for Improper Authentication in Cisco Catalyst_Sd-Wan_Manager

CVE-2026‑20127 – Remote Authentication Bypass for Cisco Cataly...

CVE-2025-13686

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the job subroutine component...

CVE-2025-13687

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the user-defined function component...

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant. Versions of OpenClaw prior to 2026.2.14 had code vulnerabilities related to command hijacking. Attackers could execute unintended binary files by manipulating the PATH environment variable, potentially leading to arbitrary command...

EUVD-2026-9476

A vulnerability in the Cisco FXOS Software CLI feature for Cisco Secure Firewall ASA Software and Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this vulnerability, the attack...

EUVD-2026-9463

A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...

CVE-2025-13687

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the user-defined function component...

CVE-2025-13687 DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the user-defined function component...