44745 matches found

Vulnrichment
added 2026/01/22 3:52 p.m. | 2 views

CVE-2025-36588

Dell Unisphere for PowerMax, versions 10.2.0.x, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution...

CVSS 8.8 | AI score 5.8 | EPSS 0.0004
Exploits 0 | References 1

ATTACKERKB
added 2026/01/22 3:52 p.m. | 2 views

CVE-2025-36588

Dell Unisphere for PowerMax, versions 10.2.0.x, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution...

CVSS 8.8 | AI score 5.8 | EPSS 0.0004
Exploits 0 | References 2

CVE
added 2026/01/22 3:52 p.m. | 9 views

CVE-2025-36588

CVE-2025-36588 affects Dell Unisphere for PowerMax, 10.2.0.x, due to an Improper Neutralization of Special Elements used in an SQL Command (SQL Injection). A low-privileged, remote attacker could potentially achieve command execution. Root cause: improper neutralization in SQL commands. CVSS 3.1 ...

CVSS 8.8 | AI score 5.8 | EPSS 0.0004
Exploits 0 | References 1 | Affected Software 2

OSV
added 2026/01/22 12:24 p.m. | 4 views

MAL-2026-461 Malicious code in @corp-front/corporate-filter-company-select (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3aaa588b7207d5174a115bb4b75335970dd288419043e978ffc3dc455f8608c5 The package @corp-front/corporate-filter-company-select was found to contain malicious code. Source: ossf-package-analysis...

AI score 5.5
Exploits 0

OSV
added 2026/01/22 11:37 a.m. | 3 views

MAL-2026-460 Malicious code in pay-by-bank-dashboard-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20c58f9aa900a5052fd440dd0a9a3e3ecb345fb4fee2be527b5af385485ee224 The package pay-by-bank-dashboard-server was found to contain malicious code. Source: ghsa-malware...

AI score 5.8
Exploits 0 | References 1

NCSC
added 2026/01/22 9:49 a.m. | 6 views

Vulnerabilities fixed in Cisco Unified Communications products

Cisco has fixed vulnerabilities in several Cisco Unified Communications products. The vulnerabilities include a critical vulnerability that allows unauthenticated remote attackers to execute arbitrary commands on the device's operating system. This is due to improper validation of user input in...

CVSS 9.8 | AI score 5.8 | EPSS 0.03029
Exploits 1 | References 4

ICS
added 2026/01/22 7:00 a.m. | 5 views

EVMAPA

RISK EVALUATION Successful exploitation of these vulnerabilities could lead to degraded service, a denial-of-service, or unauthorized remote command execution, which could lead to spoofing or a manipulation of charging station statuses. 2. RECOMMENDED PRACTICES CISA recommends users take...

CVSS 9.8 | AI score 5.6 | EPSS 0.00115
Exploits 0 | References 11

Cvelist
added 2026/01/22 1:41 a.m. | 20 views

CVE-2026-23699

AP180 series with firmware versions prior to APRGOS 11.94B1P8 contains an OS command injection vulnerability. If this vulnerability is exploited, arbitrary commands may be executed on the devices...

CVSS 8.6 | EPSS 0.0009
Exploits 0 | References 2

SUSE CVE
added 2026/01/22 1:02 a.m. | 4 views

SUSE CVE-2021-47853

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score 5.1 | EPSS 0.00262
Exploits 0 | References 3

Cvelist
added 2026/01/22 12:00 a.m. | 15 views

CVE-2025-56590

An issue was discovered in the InsertFromURL function of the Apryse HTML2PDF SDK thru 11.10. This vulnerability could allow an attacker to execute arbitrary operating system commands on the local server...

EPSS 0.00038
Exploits 1 | References 2

ATTACKERKB
added 2026/01/22 12:00 a.m. | 1 view

CVE-2025-56590

An issue was discovered in the InsertFromURL function of the Apryse HTML2PDF SDK thru 11.10. This vulnerability could allow an attacker to execute arbitrary operating system commands on the local server...

CVSS 9.8 | AI score 5.9 | EPSS 0.00038
Exploits 1 | References 3

Positive Technologies
added 2026/01/22 12:00 a.m. | 3 views

PT-2026-3949

Name of the Vulnerable Software and Affected Versions Dell Unisphere for PowerMax versions 10.2.0.x Description Dell Unisphere for PowerMax versions 10.2.0.x contain an Improper Neutralization of Special Elements used in an SQL Command vulnerability, also known as 'SQL Injection'. A low privilege...

CVSS 8.8 | AI score 5.6 | EPSS 0.0004
Exploits 0 | References 6

CNNVD
added 2026/01/22 12:00 a.m. | 2 views

Apryse HTML2PDF SDK has security vulnerabilities

The Apryse HTML2PDF SDK is a file format conversion component developed by the American company Apryse. Versions of the Apryse HTML2PDF SDK 11.10 and earlier contained security vulnerabilities. These vulnerabilities stemmed from vulnerabilities in the InsertFromURL function, which could allow for...

CVSS 9.8 | AI score 6 | EPSS 0.00038
Exploits 1 | References 3

Tenable Nessus
added 2026/01/22 12:00 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-23953

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incus is a system container and virtual machine manager. In versions 6.20.0 and below, a user with the ability to launch a container with a custom YAML...

CVSS 8.7 | AI score 6.1 | EPSS 0.00032
Exploits 1 | References 2

Positive Technologies
added 2026/01/22 12:00 a.m. | 3 views

PT-2026-3897

AP180 series with firmware versions prior to AP RGOS 11.94B1P8 contains an OS command injection vulnerability. If this vulnerability is exploited, arbitrary commands may be executed on the devices...

CVSS 8.6 | AI score 7.3 | EPSS 0.0009
Exploits 0 | References 3

Tenable Nessus
added 2026/01/22 12:00 a.m. | 3 views

Azure Linux 3.0 Security Update: pytorch (CVE-2024-7776)

The version of pytorch installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-7776 advisory. - A vulnerability in the downloadmodel function of the onnx/onnx framework, before and including version 1.16....

CVSS 9.1 | AI score 6 | EPSS 0.0526
Exploits 1 | References 2

CNNVD
added 2026/01/22 12:00 a.m. | 2 views

Incus path traversal vulnerability

Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 6.21.0 contained a path traversal vulnerability. This vulnerability stemmed from directory traversal or symbolic link issues within the template functionality, which could lead to arbitrary file...

CVSS 8.7 | AI score 6 | EPSS 0.00061
Exploits 1 | References 6

Tenable Nessus
added 2026/01/22 12:00 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-47853

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpPgAdmin 7.13.0 contains a remote command execution vulnerability that allows authenticated attackers to execute arbitrary system commands through SQL query...

AI score 6.3 | EPSS 0.00262
Exploits 0 | References 3

Tenable Nessus
added 2026/01/22 12:00 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-23954

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with the ability to launch a container with a custom image e.g a...

CVSS 8.7 | AI score 6 | EPSS 0.00061
Exploits 1 | References 2

VulnCheck KEV
added 2026/01/22 12:00 a.m. | 4 views

VulnCheck KEV: CVE-2022-31208

An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The webserver contains an endpoint that can execute arbitrary commands by manipulating the cmdstring URL parameter...

CVSS 9 | AI score 6 | EPSS 0.00606
In wild | Exploits 1 | References 8