29 matches found
EUVD-2017-15654
Malware in sbrugna...
EUVD-2018-20680
Malware in sbrugna...
EUVD-2020-5060
Malware in sbrugna...
EUVD-2023-32347
Malicious code in bioql PyPI...
EUVD-2023-27779
Malicious code in bioql PyPI...
EUVD-2021-7085
Malicious code in bioql PyPI...
EUVD-2025-5296
Malicious code in bioql PyPI...
EUVD-2024-32848
Malicious code in bioql PyPI...
CVE-2024-35314
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance MiVB SVI 1.0.0.25, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit requires user...
CVE-2022-40765
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 22.22.6100.0 could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient restriction of URL parameters...
CVE-2024-22063 ZTE ZENIC ONE R58 product has a CSV injection vulnerability
The ZENIC ONE R58 products by ZTE Corporation have a command injection vulnerability. An authenticated attacker can exploit this vulnerability to tamper with messages, inject malicious code, and subsequently launch attacks on related devices...
CVE-2024-7575 Improper neutralization special element in hyperlinks
In Progress Telerik UI for WPF versions prior to 2024 Q3 2024.3.924, a command injection attack is possible through improper neutralization of hyperlink elements...
CVE-2023-41347
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system...
PT-2023-7408
Name of the Vulnerable Software and Affected Versions ASUS RT-AX55 affected versions not specified ASUS RT-AC86U affected versions not specified Description The authentication-related function in the affected devices has a vulnerability due to insufficient filtering of special characters within i...
Cacti Operating System Command Injection Vulnerability
Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data via snmpget, analyzes it using RRDtool drawing graphs, and provides data and user management features. Cacti suffers from an operating system command injection vulnerability that...
Hitron Technologies CODA-5310 Remote Command Execution Vulnerability
Hitron Technologies CODA-5310 is a wireless router. The Hitron Technologies CODA-5310 suffers from a remote command execution vulnerability that can be exploited by an attacker to perform a command injection attack using the administration page to execute arbitrary system commands, manipulate the...
CVE-2022-40765
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 22.22.6100.0 could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient restriction of URL parameters...
promise-probe OS command injection vulnerability
promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization...
Command injection
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands...
No Patch for High-Severity Bug in Legacy IBM System X Servers
Two legacy IBM System x server models, retired in 2019, are open to attack and will not receive security patches, according to hardware maker Lenovo. However, the company is offering workaround mitigation. The two models, IBM System x 3550 M3 and IBM System x 3650 M3, are both vulnerable to comma...