EUVD-2025-209999

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Administration WebUI in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows remote authenticated attackers to execute arbitrary operating syste...

Siemens多款产品 操作系统命令注入漏洞

Siemens RUGGEDCOM is a communication device developed by the German company Siemens. It provides fast and reliable communication for industries such as power, transportation, oil, and gas. Several Siemens products have vulnerabilities related to operating system command injection. These...

Cisco 350X Series和Cisco 350 Series 安全漏洞

The Cisco 350X Series and Cisco 350 Series are a series of enterprise-class stackable Ethernet switches from the American company Cisco. There are security vulnerabilities in both the Cisco 350X Series and Cisco 350 Series. These vulnerabilities stem from improper error handling when parsing...

CVE-2026-31195

The ping diagnostic handler in /bin/httpdclientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters using she...

CVE-2026-41036

This vulnerability exists in Quantum Networks router due to inadequate sanitization of user-supplied input in the management CLI interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary OS commands on the targeted device. Successful exploitation of this...

CVE-2026-5967

ThreatSonar Anti-Ransomware (TeamT5) is affected by a Privilege Escalation vulnerability. The description states that authenticated remote attackers with shell access can inject OS commands and execute them with root privileges, indicating a post-authentication, command-injection path that could ...

Cisco Identity Services Engine 安全漏洞

Cisco Identity Services Engine is an identity services engine developed by Cisco, a US-based company. This platform collects real-time information from networks, users, and devices, and develops and implements policies to manage the network. There is a security vulnerability in Cisco Identity...

Vulnerability fixed in Cisco Meeting Management

Cisco has fixed a vulnerability in Cisco Meeting Management. The vulnerability is in the Certificate Management feature of Cisco Meeting Management, which contains incorrect input validation within the Web-based management interface. This allows authenticated remote attackers to upload arbitrary...

VulnCheck KEV: CVE-2023-41345

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: libssh (UTSA-2025-990927)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990927 advisory. A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftphandle function due to an incorrect comparison...

EUVD-2008-2614

Malware in sbrugna...

EUVD-2018-13554

Malware in sbrugna...

EUVD-2020-26915

Malware in sbrugna...

EUVD-2018-16647

Malware in sbrugna...

EUVD-2023-31239

Malicious code in bioql PyPI...

EUVD-2023-50974

Malicious code in bioql PyPI...

CVE-2025-54292

Path traversal in Canonical LXD LXD-UI versions before 6.5 and 5.21.4 on all platforms allows remote authenticated attackers to access or modify unintended resources via crafted resource names embedded in URL paths...

CVE-2025-20327

A vulnerability in the web UI of Cisco IOS Software could allow an authenticated, remote attacker with low privileges to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper input validation. An attacker could exploit this vulnerability by sending a...

Linux Distros Unpatched Vulnerability : CVE-2016-7169

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in the FileUploadUpgrader class in wp-admin/includes/class-file- upload-upgrader.php in the upgrade package uploader in...

CVE-2025-20261

A vulnerability in the SSH connection handling of Cisco Integrated Management Controller IMC for Cisco UCS B-Series, UCS C-Series, UCS S-Series, and UCS X-Series Servers could allow an authenticated, remote attacker to access internal services with elevated privileges. This vulnerability is due t...