CVE-2026-22225 Command Injection Vulnerability on TP-Link Archer BE230 v1.2 and AXE75 v1.0

A command injection vulnerability may be exploited after the admin's authentication in the VPN Connection Service on the Archer BE230 v1.2 and Archer AXE75 v1.0. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of...

CVE-2025-40898

A path traversal vulnerability was discovered in the Import Arc data archive functionality due to insufficient validation of the input file. An authenticated user with limited privileges, by uploading a specifically-crafted Arc data archive, can potentially write arbitrary files in arbitrary path...

CVE-2025-3719 Incorrect authorization for CLI in Guardian/CMC before 25.2.0

An access control vulnerability was discovered in the CLI functionality due to a specific access restriction not being properly enforced for users with limited privileges. An authenticated user with limited privileges can issue administrative CLI commands, altering the device configuration, and/o...

EUVD-2020-22706

Malware in sbrugna...

EUVD-2025-30791

Malicious code in bioql PyPI...

Authorization

A vulnerability in an access control mechanism of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to access services beyond the scope of their authorization. This vulnerability is due to insufficient enforcement of access control in the affected...

PT-2021-2825 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center FMC Software affected versions not specified Description: The issue is related to insufficient enforcement of access control in the affected software, allowing an authenticated, remote attacker to access...

DRUPAL-CONTRIB-2019-021

This resolves issues described in SA-CORE-2019-003 for this module. Not all configurations are affected. See SA-CORE-2019-003 for details...