CVE-2025-13444 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster

OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker with “User Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the API input parameters...

CVE-2026-0500

Due to the usage of vulnerable third party component in SAP Wily Introscope Enterprise Manager WorkStation, an unauthenticated attacker could create a malicious JNLP Java Network Launch Protocol file accessible by a public facing URL. When a victim clicks on the URL the accessed Wily Introscope...

CVE-2026-0500

Due to the usage of vulnerable third party component in SAP Wily Introscope Enterprise Manager WorkStation, an unauthenticated attacker could create a malicious JNLP Java Network Launch Protocol file accessible by a public facing URL. When a victim clicks on the URL the accessed Wily Introscope...

CVE-2026-0507 OS Command Injection vulnerability in SAP Application Server for ABAP and SAP NetWeaver RFCSDK

Due to an OS Command Injection vulnerability in SAP Application Server for ABAP and SAP NetWeaver RFCSDK, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the server. If processed by the application, this content enables...

CVE-2026-0507 OS Command Injection vulnerability in SAP Application Server for ABAP and SAP NetWeaver RFCSDK

Due to an OS Command Injection vulnerability in SAP Application Server for ABAP and SAP NetWeaver RFCSDK, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the server. If processed by the application, this content enables...

HPE AOS 安全漏洞

HPE AOS is an operating system from HPE, USA. A security vulnerability exists in HPE AOS 8 that stems from a command injection vulnerability in the web-based management interface that could lead to the execution of arbitrary commands...

PT-2026-2429

Name of the Vulnerable Software and Affected Versions Webgrind version 1.1 Description Webgrind version 1.1 contains a remote command execution issue. Unauthenticated attackers can inject OS commands through the dataFile parameter in the ''index.php'' file. Attackers can execute arbitrary system...

PT-2026-2419

Name of the Vulnerable Software and Affected Versions Inbit Messenger versions 4.6.0 through 4.9.0 Description Inbit Messenger versions 4.6.0 through 4.9.0 have a remote command execution issue. Unauthenticated attackers can execute arbitrary commands by exploiting a stack overflow in the...

PT-2026-2456

Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running AOS-8 operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating...

SAP Wily Introscope Enterprise Manager 代码注入漏洞

SAP Wily Introscope Enterprise Manager is an application performance management component from SAP, Germany. A code injection vulnerability exists in SAP Wily Introscope Enterprise Manager, which stems from the use of a vulnerable third-party component, and could allow an unauthenticated attacker...

SAP Application Server for ABAP 操作系统命令注入漏洞

SAP Application Server for ABAP is a load balancing, memory management platform from SAP, Germany. SAP Application Server for ABAP suffers from an operating system command injection vulnerability that stems from OS command injection, which could lead to an authenticated attacker uploading special...

Progress LoadMaster 安全漏洞

Progress LoadMaster is a high performance Application Delivery Controller ADC and load balancer from Progress, Inc. A security vulnerability exists in Progress LoadMaster that stems from an uncleaned API input parameter, which could lead to the execution of arbitrary commands by an authenticated...

Eclipse Che 访问控制错误漏洞

Eclipse Che is a set of Java-based open source online integrated development environments IDEs from the Eclipse Foundation. An access control error vulnerability exists in Eclipse Che che-machine-exec, which originates from an unauthenticated remote attacker who can execute arbitrary commands and...

Algo 8028 Control Panel 操作系统命令注入漏洞

The Algo 8028 Control Panel is a web configuration interface for an access control intercom system from Algo. An operating system command injection vulnerability exists in Algo 8028 Control Panel version 3.3.3, which stems from the presence of command injection in the fm-data.lua endpoint, which...

HPE AOS 安全漏洞

HPE AOS is an operating system from HPE Corporation in the United States. A security vulnerability exists in HPE AOS that stems from a command injection vulnerability in the web-based management interface that could lead to the execution of arbitrary commands...

HPE AOS 安全漏洞

HPE AOS is an operating system from HPE Corporation in the United States. A security vulnerability exists in HPE AOS 10 and HPE AOS 8 that stems from an arbitrary file write vulnerability in the web-based management interface that could lead to the execution of arbitrary commands...

HPE AOS 安全漏洞

HPE AOS is an operating system from HPE Corporation in the United States. A security vulnerability exists in HPE AOS versions 10 and 8, which stems from an arbitrary file upload vulnerability in the web-based management interface that could lead to the execution of arbitrary commands...

HPE AOS 安全漏洞

HPE AOS is an operating system from HPE, USA. A security vulnerability exists in HPE AOS that stems from a packet header that can be injected with shell commands, which could lead to the execution of arbitrary commands...

PT-2026-2441

Name of the Vulnerable Software and Affected Versions Eclipse Che versions affected versions not specified Description A flaw exists in Eclipse Che che-machine-exec that permits unauthenticated remote arbitrary command execution and secret exfiltration, including SSH keys and tokens, from other...

PT-2026-2363

Name of the Vulnerable Software and Affected Versions 4images version 1.9 Description The software contains a remote command execution issue. Authenticated administrators can inject reverse shell code through template editing functionality. Attackers can save malicious code in a template and...