145235 matches found
PT-2026-42977
Name of the Vulnerable Software and Affected Versions Totolink A8000RU version 7.1cu.643 b20200521 Description A weakness in the Web Management Interface allows for remote OS command injection. This occurs through the manipulation of the enable argument within the setRemoteCfg function of the...
ROS-20260524-73-0034
A vulnerability in the vim text editor is related to the failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands provided the user opens a specially generated file...
Hermes Agent 操作系统命令注入漏洞
Hermes Agent is an AI agent tool developed by Nous Research, featuring a self-learning mechanism. Versions of Hermes Agent 5157f5427f19488b31c6fdebbacd15d798ce7f63 and earlier versions have a vulnerability related to operating system command injection. This vulnerability stems from improper...
Edimax EW-7438RPn 命令注入漏洞
The Edimax EW-7438RPn is a wireless signal extender produced by Edimax of Taiwan, China. Version 1.12 of the Edimax EW-7438RPn has a command injection vulnerability. This vulnerability stems from improper handling of the parameter maxConn/timeOut in the formConnectionSetting function of the Setti...
PT-2026-42902
A vulnerability has been found in Edimax EW-7438RPn up to 1.31. Affected is the function formWizSurvey of the file /goform/formWizSurvey of the component webs. The manipulation of the argument ip/mask/gateway leads to os command injection. It is possible to initiate the attack remotely. The explo...
PT-2026-42945
A vulnerability was found in Totolink A8000RU 7.1cu.643 b20200521. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument ip results in os command injection. The attack can be executed...
PT-2026-42971
Name of the Vulnerable Software and Affected Versions Edimax BR-6675nD version 1.12 Description A flaw in the POST Request Handler component allows for remote command injection. The issue exists within the formUSBStorage function located in the '/goform/formUSBStorage' endpoint. An attacker can...
ROS-20260524-73-0037
Vulnerability in vim text editor is related to failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...
CVE-2026-9343
A weakness has been identified in Edimax EW-7438RPn up to 1.31. The affected element is the function formWpsStart of the file /goform/formWpsStart of the component webs. This manipulation of the argument pinCode causes os command injection. Remote exploitation of the attack is possible. The explo...
MAL-2026-4630 Malicious code in openprompt-lang (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c9966d5fe1ab82b40fd24082c36cc9acf5677772768f75b30cda755d9cdd98f scripts/postinstall.js runs unconditionally during npm install. When the opencode binary is not on PATH true for nearly every fresh install, it...
CVE-2026-9343 Edimax EW-7438RPn webs formWpsStart os command injection
A weakness has been identified in Edimax EW-7438RPn up to 1.31. The affected element is the function formWpsStart of the file /goform/formWpsStart of the component webs. This manipulation of the argument pinCode causes os command injection. Remote exploitation of the attack is possible. The explo...
CVE-2026-9343 Edimax EW-7438RPn webs formWpsStart os command injection
A weakness has been identified in Edimax EW-7438RPn up to 1.31. The affected element is the function formWpsStart of the file /goform/formWpsStart of the component webs. This manipulation of the argument pinCode causes os command injection. Remote exploitation of the attack is possible. The explo...
CVE-2026-9343
A weakness has been identified in Edimax EW-7438RPn up to 1.31. The affected element is the function formWpsStart of the file /goform/formWpsStart of the component webs. This manipulation of the argument pinCode causes os command injection. Remote exploitation of the attack is possible. The explo...
EUVD-2026-31553
A weakness has been identified in Edimax EW-7438RPn up to 1.31. The affected element is the function formWpsStart of the file /goform/formWpsStart of the component webs. This manipulation of the argument pinCode causes os command injection. Remote exploitation of the attack is possible. The explo...
CVE-2026-9343
Technical details about CVE-2026-9343 are not publicly available in the provided documents. Please monitor for updates from official advisories and vendor communications.
CVE-2018-25356
SIPp 3.6 and earlier contains a local buffer overflow vulnerability in command-line argument handling that allows local attackers to crash the application or execute arbitrary code. Attackers can trigger the vulnerability by supplying oversized input to the -3pcc, -i, or -logfile parameters,...
UBUNTU-CVE-2018-25357
Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the dbname parameter. Attackers can send a POST request to install/step1.php with malicious PHP code in the dbname parameter, then...
EUVD-2018-21877
SIPp 3.6 and earlier contains a local buffer overflow vulnerability in command-line argument handling that allows local attackers to crash the application or execute arbitrary code. Attackers can trigger the vulnerability by supplying oversized input to the -3pcc, -i, or -logfile parameters,...
CVE-2018-25356
The CVE applies to SIPp 3.6 and earlier, where a local buffer overflow exists in command-line argument handling. The underlying issue is a strcpy overflow in sipp.cpp caused by oversized input to -3pcc, -i, or -log_file parameters. This can allow a local attacker to crash SIPp or potentially exec...
CVE-2018-25356
SIPp 3.6 and earlier contains a local buffer overflow vulnerability in command-line argument handling that allows local attackers to crash the application or execute arbitrary code. Attackers can trigger the vulnerability by supplying oversized input to the -3pcc, -i, or -logfile parameters,...