EUVD-2025-4495

Malicious code in bioql PyPI...

EUVD-2023-24202

Malicious code in bioql PyPI...

CVE-2025-5525

A vulnerability was found in Jrohy trojan up to 2.15.3. It has been declared as critical. This vulnerability affects the function LogChan of the file trojan/util/linux.go. The manipulation of the argument c leads to os command injection. The attack can be initiated remotely. The complexity of an...

CVE-2021-27289

A replay attack vulnerability was discovered in a Zigbee smart home kit manufactured by Ksix Zigbee Gateway Module = v1.0.3, Door Sensor = v1.0.7, Motion Sensor = v1.0.12, where the Zigbee anti-replay mechanism - based on the frame counter field - is improperly implemented. As a result, an attack...

PT-2024-1939

Name of the Vulnerable Software and Affected Versions ClamAV affected versions not specified Description A vulnerability in the VirusEvent feature of ClamAV could allow a local attacker to inject arbitrary commands with the privileges of the application service account. The vulnerability is due t...

CVE-2023-30261

Command Injection vulnerability in OpenWB 1.6 and 1.7 allows remote attackers to run arbitrary commands via crafted GET request...

PT-2022-25905 · Totolink · Totolink Nr1800X

Name of the Vulnerable Software and Affected Versions: TOTOLINK NR1800X version 9.1.0u.6279 B20210910 Description: A command injection issue was found via the UploadFirmwareFile function at the "/cgi-bin/cstecgi.cgi" API endpoint. Recommendations: For TOTOLINK NR1800X version 9.1.0u.6279 B2021091...