170 matches found
CVE-2025-0680
Affected products contain a vulnerability in the device cloud rpc command handling process that could allow remote attackers to take control over arbitrary devices connected to the cloud...
The vulnerability of the invscout component in AIX and VIOS operating systems allows a perpetrator to execute arbitrary commands.
The vulnerability of the invscout component in AIX and VIOS operating systems is related to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands...
kernel: net/mlx5: Discard command completions in internal error
A use-after-free vulnerability has been discovered in the Linux kernel within the drivers/net/ethernet/mellanox/mlx5/core/cmd.c component, specifically related to the Mellanox network driver. This flaw can lead to compromised system availability. Successful exploitation could result in...
CVE-2024-50268 usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd()
In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds in ucsiccgupdatesetnewcamcmd The "cmd" variable can be controlled by the user via debugfs. That means "newcam" can be as high as 255 while the size of the uc-updated array is UCSIMAXALTMODE...
The vulnerability of the SSH and Telnet protocol implementations of the D-Link DSL6740C modem’s microprogramming software allows a intruder to execute arbitrary commands.
The vulnerability of SSH and Telnet protocols implemented by the microprogramming software of the D-Link DSL6740C modem lies in the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute...
PT-2024-8519 · Fortinet · Fortimanager +2
Name of the Vulnerable Software and Affected Versions: Fortinet FortiManager versions 7.4.0 through 7.4.2 and before 7.2.5 Fortinet FortiAnalyzer versions 7.4.0 through 7.4.2 and before 7.2.5 Fortinet FortiAnalyzer-BigData before 7.4.0 Description: The issue is related to improper neutralization ...
The vulnerability of the httpProcDataSrv() function in TP-Link TL-WDR5620 router software allows a hacker to execute arbitrary code.
The vulnerability of the httpProcDataSrv function in TP-Link TL-WDR5620 router software exists because measures to neutralize the special elements used in the operating system commands have not been taken. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of D-Link DIR-846W router’s microprogramming software lies in the lack of measures to neutralize special elements used in the operating system commands. This allows attackers to execute arbitrary code.
The vulnerability of the D-Link DIR-846W router’s microprogramming software is related to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through the...
The vulnerability of the Go Getter library, related to the improper neutralization of special elements used in the command, allows a hacker to execute arbitrary code.
The vulnerability of the Go Getter library is related to the update of Git for the existing, maliciously modified Git configuration. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
kernel: net/mlx5: Discard command completions in internal error
A use-after-free vulnerability has been discovered in the Linux kernel within the drivers/net/ethernet/mellanox/mlx5/core/cmd.c component, specifically related to the Mellanox network driver. This flaw can lead to compromised system availability. Successful exploitation could result in...
kernel: net/mlx5: Discard command completions in internal error
A use-after-free vulnerability has been discovered in the Linux kernel within the drivers/net/ethernet/mellanox/mlx5/core/cmd.c component, specifically related to the Mellanox network driver. This flaw can lead to compromised system availability. Successful exploitation could result in...
The vulnerability of the lib-src/etags.c file of the EMACS text editor’s etags component allows a hacker to execute arbitrary code.
The vulnerability of the lib-src/etags.c file of the EMACS text editor’s etags component is related to the improper elimination of special elements used in the OS command. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Vulnerability of the org-babel-execute function: latex() in the text editor EMACS, allowing an attacker to execute arbitrary code
The vulnerability of the org-babel-execute:latex function in the text editor EMACS is related to the improper elimination of special elements used in the command. Exploiting this vulnerability may allow an attacker to execute arbitrary code...
The vulnerability of the BuildClient function (client_service.go) in the CHAOS remote administration tool allows a hacker to execute arbitrary code.
The vulnerability of the BuildClient function in clientservice.go, a remote administration tool for CHAOS, exists due to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...
CVE-2024-39524
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...
CVE-2024-39524
The CVE concerns Juniper Networks Junos OS Evolved CLI: an Improper Neutralization of Special Elements in CLI command option handling allows a local, authenticated user with LOW privileges to escalate to root, potentially compromising the entire system. Affected versions are: all before 20.4R3-S7...
CVE-2024-39523
CVE-2024-39523 is a local, authenticated-then-privilege-escalation issue in Juniper Networks Junos OS Evolved CLI handling of command options. A crafted parameter set can escalate to root on the shell, resulting in full compromise. Affected: Junos OS Evolved versions before 20.4R3-S7-EVO; 21.2-EV...
Malicious code in Be.Vlaanderen.Basisregisters.AggregateSoսrce.Testing.CommaոdHandling (NuGet)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in Be.Vlaanderen.Basisregisters.AggregatеSoսrce.Testing.CommаոdHandling (NuGet)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in Be.Vlaandеren.Basisregisters.CommandHanԁling.Idempotency (NuGet)
--- -= Per source details. Do not edit below this line.=-...