4 matches found
(0Day) aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the allowed commands list. The issue results from the lack of proper...
Xpoda Studio SQL Injection Vulnerability
Xpoda Studio is a visual development environment provided by the Turkish company Xpoda. Versions of Xpoda Studio dated February 2026 and earlier contain an SQL injection vulnerability. This vulnerability stems from improper handling of special elements within SQL commands, whic...
PT-2023-7953 · D Link · D-Link G416
Name of the Vulnerable Software and Affected Versions: D-Link G416 (affected versions not specified)
Description: The issue is related to the cfgsave upusb function in the D-Link G416 router's firmware, which does not properly neutralize special elements used in an operating system command. This ca...
CVE-2020-4161
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 could allow an authenticated attacker to cause a denial of service due to incorrect handling of certain commands. IBM X-Force ID: 174341...