44856 matches found
CVE-2018-25135 Anviz AIM CrossChex Standard 4.3.6.0 CSV Injection via User Import
Anviz AIM CrossChex Standard 4.3.6.0 contains a CSV injection vulnerability that allows attackers to execute commands by inserting malicious formulas in user import fields. Attackers can craft payloads in fields like 'Name', 'Gender', or 'Position' to trigger Excel macro execution when importing...
riello-multiple-vulnerabilities-2025
Riello UPS with NetMan 208 - Vulnerability Disclosure During...
CVE-2025-25364
A command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN up to v15.0.0 allows attackers to execute arbitrary commands with root-level privileges...
PT-2025-53343
Name of the Vulnerable Software and Affected Versions LogicalDOC Enterprise version 7.7.4 Description The software contains multiple authenticated operating system command execution flaws. These flaws permit attackers to manipulate binary paths when altering system settings. Exploitation involves...
Microhard Systems IPn4G Security Vulnerability
Microhard Systems IPn4G is a cellular wireless gateway from Microhard Canada. A security vulnerability exists in Microhard Systems IPn4G version 1.1.0 that originates from a restricted shell that can be escaped via a customized ping command, which could result in the execution of commands with ro...
Advantech WebAccess/SCADA SQL Injection Vulnerability
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. An SQL injection vulnerability exists in...
TencentOS Server 4: edk2 (TSSA-2025:0967)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0967 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
CVE-2025-66210
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.451, an authenticated command injection vulnerability in the Database Import functionality allows users with application/service management permissions to execute...
CVE-2025-67109
Improper verification of the time certificate in Eclipse Cyclone DDS before v0.10.5 allows attackers to bypass certificate checks and execute commands with System privileges...
Exploit for Code Injection in Laravel Livewire
Livepyre A tool designed to exploit CVE-2025-54068 an...
CVE-2025-11542
Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows an attacker to execute arbitrary commands and programs...
PT-2025-52874
CVE-2025-68650 - Cisco Router Unauthenticated Remote Command Execution CVE ID : CVE-2025-68650 Published : Dec. 23, 2025, 4:15 a.m. | 2 hours, 43 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products,...
PT-2025-52737
Name of the Vulnerable Software and Affected Versions Eaton xComfort ECI affected versions not specified Description A flaw exists in the input validation process of a web interface endpoint within Eaton xComfort ECI. This could allow an attacker with network access to the device to execute...
ROS-20251223-7314
A vulnerability in the Snapshot/Restore commands of the AdminServer component of the centralized service for maintaining configuration information, naming, providing distributed synchronization, and provisioning Apache ZooKeeper group services is related to incorrect handling of insufficient...
CVE-2025-11541
Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows an attacker to execute arbitrary commands and programs...
CVE-2025-11541
Sharp Display Solutions projectors are affected by CVE-2025-11541, a stack-based buffer overflow vulnerability in the projector firmware that allows an attacker to execute arbitrary commands and programs. The issue is associated with NEC/Sharp-branded devices and is listed across multiple sources...