TencentOS Server 4: httpd (TSSA-2025:0960)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0960 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

EUVD-2025-203237

A vulnerability was determined in TOTOLINK X5000R 9.1.0cu.2089B20211224. Affected by this issue is the function snprintf of the file /cgi-bin/cstecgi.cgi?action=exportOvpn&type=user. This manipulation of the argument User causes os command injection. Remote exploitation of the attack is possible...

EUVD-2025-199708

Out-of-bounds Read vulnerability in ASR1903、ASR3901 in ASR LapwingLinux on Linux nrfw modules. This vulnerability is associated with program files Code/nrfw/DLP/src/NrCgi.C. This issue affects LapwingLinux: before 2025/11/26...

TencentOS Server 3: ruby:3.1 (TSSA-2024:0106)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0106 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

TencentOS Server 3: ruby:2.5 (TSSA-2023:0312)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0312 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

EUVD-2010-2765

Malware in sbrugna...

EUVD-2009-1205

Malware in sbrugna...

EUVD-2012-3468

Malware in sbrugna...

EUVD-2016-1754

Malware in sbrugna...

EUVD-1999-1262

Malware in sbrugna...

EUVD-2018-6346

Malware in sbrugna...

EUVD-2016-5548

Malware in sbrugna...

EUVD-2004-0454

Malware in sbrugna...

EUVD-2000-0586

Malware in sbrugna...

EUVD-2019-15557

Malware in sbrugna...

EUVD-2009-0473

Malware in sbrugna...

EUVD-2021-27852

Malicious code in bioql PyPI...

EUVD-2021-27593

Malicious code in bioql PyPI...

PT-2025-39103

Name of the Vulnerable Software and Affected Versions Vitogate 300 affected versions not specified Description An OS command injection issue exists in the Vitogate 300. A malicious user can exploit this to compromise affected installations. The issue is present in the /cgi-bin/vitogate.cgi API...

CVE-2025-10358

A security vulnerability has been detected in Wavlink WL-WN578W2 221110. This affects the function sub404850 of the file /cgi-bin/wireless.cgi. The manipulation of the argument deletelist leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed publicly...