Lucene search

16 matches found

EUVD
added 2026/05/19 3:58 p.m. · 6 views

EUVD-2026-30955

In the web management interface of Archer AX72 SG v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic command usage information. An authenticated attacker with administrative privileges could exploit this issue to confirm the...

CVSS 4.6 · AI score 5.8 · EPSS 0.0003
Exploits: 0 · References: 2

CVE
added 2026/04/21 7:41 p.m. · 3 views

CVE-2026-6819

The CVE-2026-6819 issue affects HKUDS OpenHarness where the OpenHarness plugin management surface is exposed by default. Specifically, the vulnerability stems from exposing plugin lifecycle commands such as /plugin install, /plugin enable, /plugin disable, and /reload-plugins to remote senders, a...

CVSS 8.8 · AI score 5.8 · EPSS 0.00051
Exploits: 1 · References: 4 · Affected Software: 1

RedhatCVE
added 2026/03/08 1:44 a.m. · 2 views

CVE-2026-30223

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, when JWT authentication is configured using either "authJwtPubKeyPath" local RSA public key or "authJwtHmacSecret" HMAC secret, the configured audience value authJwtAud is not enforced during toke...

CVSS 8.8 · AI score 5.8 · EPSS 0.00043
Exploits: 1 · References: 1

OSV
added 2025/10/31 2:13 p.m. · 1 view

OESA-2025-2582 openssh security update

OpenSSH is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides a large suite of secure tunneling capabilities, several authentication methods, and...

CVSS 3.6 · AI score 8 · EPSS 0.00061
Exploits: 2 · References: 3

EUVD
added 2025/10/13 5:43 p.m. · 2 views

EUVD-2025-34075

CommandKit has incorrect command name exposure in context object for message command aliases...

AI score 6.6
Exploits: 0 · References: 3

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2006-0006

Malware in sbrugna...

CVSS 2.1 · AI score 6 · EPSS 0.00072
Exploits: 0 · References: 18

RedhatCVE
added 2025/08/22 4:35 p.m. · 3 views

CVE-2010-20059

FreeNAS 0.7.2 prior to revision 5543 includes an unauthenticated command‐execution backdoor in its web interface. The execraw.php script exposes a cmd parameter that is passed directly to the underlying shell without sanitation...

CVSS 9.3 · AI score 7.2 · EPSS 0.48631
Exploits: 0 · References: 1

Tenable Nessus
added 2025/08/08 12:0 a.m. · 1 view

Linux Distros Unpatched Vulnerability : CVE-2021-3583

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user ...

CVSS 7.1 · AI score 6.9 · EPSS 0.00276
Exploits: 0 · References: 2

RedhatCVE
added 2025/05/22 4:18 p.m. · 4 views

CVE-2020-13842

An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 MTK chipsets. A dangerous AT command was made available even though it is unused. The LG ID is LVE-SMP-200010 June 2020...

CVSS 7.8 · AI score 7.2 · EPSS 0.00016
Exploits: 0

CNNVD
added 2024/04/03 12:0 a.m. · 2 views

IBM Db2 information disclosure vulnerability

IBM Db2 is a relational database management system from International Business Machines IBM. The system executes on UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from an information disclosure vulnerability that originates when ADMINCMD is used in conjunction with IMPORT o...

CVSS 6.8 · AI score 8.5 · EPSS 0.00097
Exploits: 0 · References: 5

Positive Technologies
added 2023/12/19 12:0 a.m. · 1 view

PT-2023-8393 · Nginx-Ui · Nginx-Ui

Name of the Vulnerable Software and Affected Versions: Nginx-ui versions prior to 2.0.0.beta.9. Description: The issue is related to the Nginx UI server, where the API exposes certain settings such as test config cmd, reload cmd, and restart cmd, which can be modified by sending a request to the...

CVSS 9 · AI score 8.6 · EPSS 0.03099
Exploits: 1 · References: 11

OSV
added 2022/06/14 2:15 p.m. · 1 view

CVE-2022-31845

A vulnerability in livecheck.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function...

CVSS 7.5 · AI score 6.7 · EPSS 0.53119
Exploits: 2 · References: 2

OSV
added 2022/01/31 1:15 p.m. · 1 view

ALPINE-CVE-2021-46101

In Git for windows through 2.34.1 when using git pull to update the local warehouse, git.cmd can be run directly...

CVSS 7.5 · AI score 6.8 · EPSS 0.00596
Exploits: 1 · References: 1

OSV
added 2017/04/27 3:59 p.m. · 0 views

UBUNTU-CVE-2017-8296

kedpm 0.5 and 1.0 creates a history file in /.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written there. This can lead to the disclosure of the master password if the "password" command is used with an argument. The names of the password...

CVSS 7.5 · AI score 7.1 · EPSS 0.00345
Exploits: 0 · References: 3

OSV
added 2016/12/23 10:59 p.m. · 1 view

DEBIAN-CVE-2016-7787

A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user...

CVSS 4.9 · AI score 5.1 · EPSS 0.0054
Exploits: 0 · References: 1

securityvulns
added 2001/08/23 12:0 a.m. · 31 views

Security Advisory 2001-014: dump(8) exposes 'tty' group

NetBSD Security Advisory 2001-014. Topic: dump(8) exposes 'tty' group. Version: NetBSD-current: source prior to August 8, 2001; NetBSD 1.5.1: affected; NetBSD 1.5: affected; NetBSD 1.4.x: all affected. Severity: local users can gain tty...

AI score 7.4
Exploits: 0