CVE-2025-22605 Coolify OS Command Injection Vulnerability in SSH Command Generation

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Starting in version 4.0.0-beta.18 and prior to 4.0.0-beta.253, a vulnerability in the execution of commands on remote servers allows an authenticated user to execute arbitrary code on the local...

PT-2020-10038 · Zoho +1 · Zoho Manageengine Assetexplorer +1

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine Asset Explorer version 6.5 Description: The issue arises from the lack of validation of the System Center Configuration Manager SCCM database username when dynamically generating a command to schedule scans for SCCM. This...

The vulnerability of the fly-dm component in the FLY operating system environment of the Astra Linux system allows a hacker to trigger a service failure.

The vulnerability of the fly-dm component in the FLY operating environment of the Astra Linux system is related to access control errors during command generation. Exploiting this vulnerability can allow an attacker to cause a service failure...