44 matches found
EUVD-2024-50523
Malicious code in bioql PyPI...
EUVD-2023-37649
Malicious code in bioql PyPI...
EUVD-2024-53505
Malicious code in bioql PyPI...
EUVD-2023-59120
Malicious code in bioql PyPI...
EUVD-2023-37650
Malicious code in bioql PyPI...
CVE-2024-57036
TOTOLINK A810R V4.1.2cu.5032B20200407 was found to contain a command insertion vulnerability in downloadFile.cgi main function. This vulnerability allows an attacker to execute arbitrary commands by sending HTTP request...
CVE-2024-53333
TOTOLINK EX200 v4.0.3c.7646B20201211 was found to contain a command insertion vulnerability in the setUssd function. This vulnerability allows an attacker to execute arbitrary commands via the "ussd" parameter...
CVE-2023-33487
TOTOLINK X5000R V9.1.0u.6118B20201102 and V9.1.0u.6369B20230113 contains a command insertion vulnerability in setDiagnosisCfg.This vulnerability allows an attacker to execute arbitrary commands through the "ip" parameter...
CVE-2023-33486
TOTOLINK X5000R V9.1.0u.6118B20201102 and V9.1.0u.6369B20230113 contain a command insertion vulnerability in setOpModeCfg. This vulnerability allows an attacker to execute arbitrary commands through the "hostName" parameter...
CVE-2023-6921
Blind SQL Injection vulnerability in PrestaShow Google Integrator PrestaShop addon allows for data extraction and modification. This attack is possible via command insertion in one of the cookies...
CVE-2024-57036
TOTOLINK A810R V4.1.2cu.5032B20200407 was found to contain a command insertion vulnerability in downloadFile.cgi main function. This vulnerability allows an attacker to execute arbitrary commands by sending HTTP request...
CVE-2024-57036
TOTOLINK A810R V4.1.2cu.5032B20200407 was found to contain a command insertion vulnerability in downloadFile.cgi main function. This vulnerability allows an attacker to execute arbitrary commands by sending HTTP request...
CVE-2024-57036
CVE-2024-57036 applies to TOTOLINK A810R, specifically version 4.1.2cu.5032_B20200407. The vulnerability is a command insertion flaw in the downloadFile.cgi main function that allows an attacker to execute arbitrary commands by sending a crafted HTTP request. The reported CVSSv3.1 base score is 8...
CVE-2024-57036
TOTOLINK A810R V4.1.2cu.5032B20200407 was found to contain a command insertion vulnerability in downloadFile.cgi main function. This vulnerability allows an attacker to execute arbitrary commands by sending HTTP request...
CVE-2024-57036
TOTOLINK A810R V4.1.2cu.5032B20200407 was found to contain a command insertion vulnerability in downloadFile.cgi main function. This vulnerability allows an attacker to execute arbitrary commands by sending HTTP request...
UBUNTU-CVE-2024-56803
Ghostty is a cross-platform terminal emulator. Ghostty, as allowed by default in 1.0.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious...
CVE-2024-53333
TOTOLINK EX200 v4.0.3c.7646B20201211 was found to contain a command insertion vulnerability in the setUssd function. This vulnerability allows an attacker to execute arbitrary commands via the "ussd" parameter...
CVE-2024-53333
TOTOLINK EX200 v4.0.3c.7646B20201211 was found to contain a command insertion vulnerability in the setUssd function. This vulnerability allows an attacker to execute arbitrary commands via the "ussd" parameter...
CVE-2024-53333
TOTOLINK EX200 v4.0.3c.7646B20201211 was found to contain a command insertion vulnerability in the setUssd function. This vulnerability allows an attacker to execute arbitrary commands via the "ussd" parameter...
CVE-2024-53333
Totolink EX200 (v4.0.3c.7646_B20201211) contains a command-injection vulnerability in the setUssd function, allowing arbitrary commands to be executed via the ussd parameter. The CVE entry notes a network-exposed, low-privilege path with required user interaction and a high impact on availability...