46 matches found
CVE-2026-44661
CVE-2026-44661 affects python-utcp (utcp-http plugin) prior to v1.1.3. The vulnerability arises because register_manual() validates discovery URLs against an HTTPS/loopback allowlist, while call_tool()/call_tool_streaming() reuse tool_call_template.url without revalidation and the OpenAPI convert...
EUVD-2009-1126
Malware in sbrugna...
EUVD-2024-46533
Malicious code in bioql PyPI...
EUVD-2023-24704
Malicious code in bioql PyPI...
EUVD-2023-56297
Malicious code in bioql PyPI...
EUVD-2023-36419
Malicious code in bioql PyPI...
EUVD-2023-45712
Malicious code in bioql PyPI...
EUVD-2023-48761
Malicious code in bioql PyPI...
EUVD-2024-21351
Malicious code in bioql PyPI...
EUVD-2023-48764
Malicious code in bioql PyPI...
EUVD-2024-51130
Malicious code in bioql PyPI...
Trend Micro Apex One Console Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Apex One console, which listens on TCP ports 8080 and 4343 by default. The issu...
(0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of...
CVE-2024-6032 Tesla Model S Iris Modem ql_atfwd Command Injection Code Execution Vulnerability
Tesla Model S Iris Modem qlatfwd Command Injection Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected Tesla Model S vehicles. An attacker must first obtain the ability to execute code on the target system in order to exploit this...
CVE-2024-6032
CVE-2024-6032. Concrete details across connected sources show a local command-injection in Tesla Model S Iris Modem via the ql_atfwd process. The flaw stems from inadequate validation of a user-supplied string used to form a system call, allowing an attacker with code execution on the target to r...
CVE-2025-2773
BEC Technologies Multiple Routers sys ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of BEC Technologies Multiple Routers. Although authentication is required to exploit this vulnerability,...
Fortinet FortiWeb gui_upload_compress_act Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fortinet FortiWeb. Authentication is required to exploit this vulnerability. The specific flaw exists within the guiuploadcompressact function. The issue results from the lack of proper validation of...
mySCADA myPRO Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of mySCADA myPRO. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 34022 by default. The issue results from the la...
CVE-2020-15642
This vulnerability allows remote attackers to execute arbitrary code on affected installations of installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...
Vulnerability in the x86/bpf kernel components of the Linux operating system, allowing a hacker to cause a service failure
The vulnerability in the x86/bpf kernel components of the Linux operating system is related to incorrect validation of input data in the emitcall function. Exploiting this vulnerability can allow an attacker to cause a service failure...