EUVD-2026-30206

Web::Passwd versions through 0.03 for Perl is vulnerable to RCE. Web::Passwd is a small CGI application for managing htpasswd files using the htpasswd command. The user parameter is not validated or escaped, and is used as the last argument on the command line, allowing for command injection...

CVE-2026-8500

Web::Passwd versions through 0.03 for Perl is vulnerable to RCE. Web::Passwd is a small CGI application for managing htpasswd files using the htpasswd command. The user parameter is not validated or escaped, and is used as the last argument on the command line, allowing for command injection...

CVE-2026-7220

A vulnerability has been found in jackwrichards FastlyMCP up to 6f3d0b0e654fc51076badc7fa16c03c461f95620. This impacts an unknown function of the file fastly-mcp.mjs of the component fastlycli Tool. The manipulation of the argument command leads to os command injection. It is possible to initiate...

CVE-2026-5619

A flaw has been found in Braffolk mcp-summarization-functions up to 0.1.5. This impacts an unknown function of the file src/server/mcp-server.ts of the component summarizecommand. Executing a manipulation of the argument command can lead to os command injection. The attack requires local access...

CVE-2026-3965

A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the argument command leads to protection mechanism failure. The attack may be initiated remotely. The...

CVE-2026-27115 ADB Explorer is Vulnerable to Arbitrary Directory Deletion via Command-Line Argument

ADB Explorer is a fluent UI for ADB on Windows. Versions 0.9.26020 and below have an unvalidated command-line argument that allows any user to trigger recursive deletion of arbitrary directories on the Windows filesystem. ADB Explorer accepts an optional path argument to set a custom data...

CVE-2026-1741

A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpconchecksessionurl of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an...

EUVD-2019-7061

Malware in sbrugna...

EUVD-2019-7090

Malware in sbrugna...

EUVD-2003-0390

Malware in sbrugna...

EUVD-2005-1933

Malware in sbrugna...

CVE-2025-11303

Belkin F9K1015 (version 1.00.10) contains a command injection flaw in the /goform/mp handler via manipulation of the command argument. The vulnerability allows remote execution and is supported by multiple sources (NVD, Red Hat, Vulners enrichments, PT Security) with exploitation details publicly...

Exploit for CVE-2024-28397

CVE-2024-28397 RCE Script Default reverse shell payload and o...

CVE-2025-20278

A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. This vulnerability is due to improper validation of user-supplied...

CVE-2025-21462

Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit...

CVE-2025-21462

CVE-2025-21462 describes memory corruption in Qualcomm chipsets during IOCTL processing when the input buffer greatly exceeds the command argument limit, effectively an out-of-bounds/write scenario. The vulnerability is evidenced across multiple feeds (NVD, Red Hat, CVE List) with the same descri...

PT-2025-19878 · Qualcomm · Snapdragon +12

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to memory corruption that occurs while processing an IOCTL request. This happens when the buffer significantly exceeds the command argument limit. Recommendations: At th...

openSUSE: Security Advisory for flatpak (SUSE-SU-2024:1535-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:1548-1 Security update for flatpak

This update for flatpak fixes the following issues: - CVE-2024-32462: Fixed arbitrary code execution outside sandbox via malicious app due to insufficient 'command' argument sanitization bsc1223110...

SUSE-SU-2024:1547-1 Security update for flatpak

This update for flatpak fixes the following issues: - CVE-2024-32462: Fixed arbitrary code execution outside sandbox via malicious app due to insufficient 'command' argument sanitization bsc1223110...