Lucene search

44856 matches found

EUVD
added 2025/12/26 6:30 p.m. (6 views)

EUVD-2005-4893

Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graphview.php script. An authenticated user can inject arbitrary shell commands via the graphstart GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute...

CVSS 8.8, AI score 6.7, EPSS 0.01781
Exploits 1, References 7
EUVD
added 2025/12/26 6:18 p.m. (3 views)

EUVD-2025-205454

n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node...

CVSS 9.9, AI score 6.7, EPSS 0.09186
Exploits 4, References 3
OSV
added 2025/12/26 6:18 p.m. (1 view)

GHSA-62R4-HW23-CC8V n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node

Impact: A sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands on the host system running n8n, using the same privileges as the n8n process...

CVSS 9.9, AI score 7.6, EPSS 0.09186
Exploits 4, References 4
Github Security Blog
added 2025/12/26 6:18 p.m. (17 views)

n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node

Impact: A sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands on the host system running n8n, using the same privileges as the n8n process...

CVSS 9.9, AI score 7.7, EPSS 0.09186
Exploits 4, References 4, Affected Software 1
OSV
added 2025/12/26 2:09 p.m. (2 views)

MAL-2025-192941 Malicious code in bola511 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adc760a1f5b29980f41bbd685a2472e4f835f234b483c17520a81c1c881ca420 The package bola511 was found to contain malicious code. Source: ossf-package-analysis eea756cc3e9de36a5fb64a18448c1134945c9e97ac25b152267025711e7004...

AI score 7
Exploits 0
GithubExploit
added 2025/12/26 9:45 a.m. (166 views)

Exploit for CVE-2025-9074

CVE-2025-9074 Docker Container Command Execution Tool A power...

CVSS 9.3, AI score 6.1, EPSS 0.01594
Exploits 15
OSV
added 2025/12/26 5:16 a.m. (5 views)

CVE-2025-52600

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered a vulnerability in camera video analytics due to improper input validation. This vulnerability could allow an attacker to execute specific commands on the...

CVSS 7.2, AI score 5.9, EPSS 0.00369
Exploits 0, References 1
NVD
added 2025/12/26 5:16 a.m. (22 views)

CVE-2025-52600

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered a vulnerability in camera video analytics due to improper input validation. This vulnerability could allow an attacker to execute specific commands on the...

CVSS 7.2, EPSS 0.00369
Exploits 0, References 1
OSSF Malicious Packages
added 2025/12/26 4:33 a.m. (6 views)

Malicious code in aiogram-3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3d8dac0d1eb98dbfc0fe46cabeadb550699f5e41b5d033ded073f7572f450bf7 During installation or importing the module, the package starts a reverse shell to hardcoded location --- Category: MALICIOUS - The campaign has clearly...

AI score 7.7
Exploits 0, References 1
Cvelist
added 2025/12/26 4:20 a.m. (17 views)

CVE-2025-52600 Improper Input Validation

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered a vulnerability in camera video analytics due to improper input validation. This vulnerability could allow an attacker to execute specific commands on the...

CVSS 5.2, EPSS 0.00369
Exploits 0, References 1
EUVD
added 2025/12/26 4:20 a.m. (3 views)

EUVD-2025-205420

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered a vulnerability in camera video analytics due to improper input validation. This vulnerability could allow an attacker to execute specific commands on the...

CVSS 5.2, AI score 6.4, EPSS 0.00369
Exploits 0, References 2
CVE
added 2025/12/26 4:20 a.m. (26 views)

CVE-2025-52600

CVE-2025-52600 affects Hanwha Vision cameras; vulnerability in camera video analytics due to improper input validation could allow a remote attacker to execute commands on the host PC. Patch firmware has been released by the manufacturer. Connected Nessus/NVD entries reiterate the same descriptio...

CVSS 7.2, AI score 6.5, EPSS 0.00369
Exploits 0, References 1, Affected Software 1
Positive Technologies
added 2025/12/26 12:00 a.m. (3 views)

PT-2025-53446

Name of the Vulnerable Software and Affected Versions: Camera Video Analytics Software (affected versions not specified). Description: A flaw exists in camera video analytics software related to improper input validation. This could allow an attacker to execute commands on a user’s host PC...

CVSS 5.2, AI score 6.7, EPSS 0.00369
Exploits 0, References 6
CNNVD
added 2025/12/26 12:00 a.m. (4 views)

Hanwha Vision Camera security vulnerability

Hanwha Vision Camera is a series of cameras from Hanwha Vision, a South Korean company. A security vulnerability exists in Hanwha Vision Camera that stems from improper input validation in the camera's video analytics, which could lead to an attacker executing specific commands on the user's host...

CVSS 7.2, AI score 6.4, EPSS 0.00369
Exploits 0, References 2
OSSF Malicious Packages
added 2025/12/25 7:41 p.m. (4 views)

Malicious code in bettermode-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ade97c888752f20137524d28c5b49359ed4187da5edcecb60ead623f40aba3c The package bettermode-common was found to contain malicious code. Source: ghsa-malware...

AI score 7
Exploits 0, References 1
NVD
added 2025/12/24 8:15 p.m. (3 views)

CVE-2025-3232

A remote unauthenticated attacker may be able to bypass authentication by utilizing a specific API route to execute arbitrary OS commands...

CVSS 8.7, EPSS 0.00511
Exploits 0, References 3
Vulnrichment
added 2025/12/24 7:28 p.m. (2 views)

CVE-2019-25257 LogicalDOC Enterprise 7.7.4 Authenticated Command Execution via Binary Path Manipulation

LogicalDOC Enterprise 7.7.4 contains multiple authenticated OS command execution vulnerabilities that allow attackers to manipulate binary paths when changing system settings. Attackers can exploit these vulnerabilities by modifying configuration parameters like antivirus.command,...

CVSS 8.7, AI score 7.6, EPSS 0.0035
Exploits 1, References 3
Cvelist
added 2025/12/24 7:28 p.m. (30 views)

CVE-2019-25257 LogicalDOC Enterprise 7.7.4 Authenticated Command Execution via Binary Path Manipulation

LogicalDOC Enterprise 7.7.4 contains multiple authenticated OS command execution vulnerabilities that allow attackers to manipulate binary paths when changing system settings. Attackers can exploit these vulnerabilities by modifying configuration parameters like antivirus.command,...

CVSS 8.7, EPSS 0.0035
Exploits 1, References 3
Vulnrichment
added 2025/12/24 7:27 p.m. (3 views)

CVE-2019-25243 FaceSentry 6.4.8 Authenticated Remote Command Injection via Ping Test

FaceSentry 6.4.8 contains an authenticated remote command injection vulnerability in pingTest.php and tcpPortTest.php scripts. Attackers can exploit unsanitized input parameters to inject and execute arbitrary shell commands with root privileges by manipulating the 'strInIP' and 'strInPort'...

CVSS 8.8, AI score 7.8, EPSS 0.02325
Exploits 2, References 3
Cvelist
added 2025/12/24 7:27 p.m. (25 views)

CVE-2018-25135 Anviz AIM CrossChex Standard 4.3.6.0 CSV Injection via User Import

Anviz AIM CrossChex Standard 4.3.6.0 contains a CSV injection vulnerability that allows attackers to execute commands by inserting malicious formulas in user import fields. Attackers can craft payloads in fields like 'Name', 'Gender', or 'Position' to trigger Excel macro execution when importing...

CVSS 9.8, EPSS 0.00591
Exploits 1, References 3