CVE-2021-47770

OpenPLC v3 contains an authenticated remote code execution vulnerability that allows attackers with valid credentials to inject malicious code through the hardware configuration interface. Attackers can upload a custom hardware layer with embedded reverse shell code that establishes a network...

CVE-2021-47853

phpPgAdmin 7.13.0 contains a remote command execution vulnerability that allows authenticated attackers to execute arbitrary system commands through SQL query manipulation. Attackers can create a custom table, upload a malicious .txt file, and use the COPY FROM PROGRAM command to execute operatin...

CVE-2025-36588

Dell Unisphere for PowerMax, versions 10.2.0.x, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution...

CVE-2025-36588

Dell Unisphere for PowerMax, versions 10.2.0.x, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution...

CVE-2025-36588

Dell Unisphere for PowerMax, versions 10.2.0.x, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution...

CVE-2025-36588

CVE-2025-36588 affects Dell Unisphere for PowerMax, 10.2.0.x, due to an Improper Neutralization of Special Elements used in an SQL Command (SQL Injection). A low-privileged, remote attacker could potentially achieve command execution. Root cause: improper neutralization in SQL commands. CVSS 3.1 ...

CVE-2025-36588

Dell Unisphere for PowerMax, versions 10.2.0.x, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution...

MAL-2026-461 Malicious code in @corp-front/corporate-filter-company-select (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3aaa588b7207d5174a115bb4b75335970dd288419043e978ffc3dc455f8608c5 The package @corp-front/corporate-filter-company-select was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-460 Malicious code in pay-by-bank-dashboard-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20c58f9aa900a5052fd440dd0a9a3e3ecb345fb4fee2be527b5af385485ee224 The package pay-by-bank-dashboard-server was found to contain malicious code. Source: ghsa-malware...

Vulnerabilities fixed in Cisco Unified Communications products

Cisco has fixed vulnerabilities in several Cisco Unified Communications products. The vulnerabilities include a critical vulnerability that allows unauthenticated remote attackers to execute arbitrary commands on the device's operating system. This is due to improper validation of user input in...

EVMAPA

RISK EVALUATION Successful exploitation of these vulnerabilities could lead to degraded service, a denial-of-service, or unauthorized remote command execution, which could lead to spoofing or a manipulation of charging station statuses. 2. RECOMMENDED PRACTICES CISA recommends users take...

CVE-2026-23699

AP180 series with firmware versions prior to APRGOS 11.94B1P8 contains an OS command injection vulnerability. If this vulnerability is exploited, arbitrary commands may be executed on the devices...

SUSE CVE-2021-47853

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-56590

An issue was discovered in the InsertFromURL function of the Apryse HTML2PDF SDK thru 11.10. This vulnerability could allow an attacker to execute arbitrary operating system commands on the local server...

Linux Distros Unpatched Vulnerability : CVE-2021-47853

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpPgAdmin 7.13.0 contains a remote command execution vulnerability that allows authenticated attackers to execute arbitrary system commands through SQL query...

Apryse HTML2PDF SDK has security vulnerabilities

The Apryse HTML2PDF SDK is a file format conversion component developed by the American company Apryse. Versions of the Apryse HTML2PDF SDK 11.10 and earlier contained security vulnerabilities. These vulnerabilities stemmed from vulnerabilities in the InsertFromURL function, which could allow for...

PT-2026-3949

Name of the Vulnerable Software and Affected Versions Dell Unisphere for PowerMax versions 10.2.0.x Description Dell Unisphere for PowerMax versions 10.2.0.x contain an Improper Neutralization of Special Elements used in an SQL Command vulnerability, also known as 'SQL Injection'. A low privilege...

PT-2026-3897

AP180 series with firmware versions prior to AP RGOS 11.94B1P8 contains an OS command injection vulnerability. If this vulnerability is exploited, arbitrary commands may be executed on the devices...

CVE-2025-56590

An issue was discovered in the InsertFromURL function of the Apryse HTML2PDF SDK thru 11.10. This vulnerability could allow an attacker to execute arbitrary operating system commands on the local server...

Incus path traversal vulnerability

Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 6.21.0 contained a path traversal vulnerability. This vulnerability stemmed from directory traversal or symbolic link issues within the template functionality, which could lead to arbitrary file...