CVE-2026-44194

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, an authenticated Remote Code Execution RCE vulnerability in the OPNsense core allows a user with user-management privileges to execute arbitrary system commands as root. An attacker can bypass input validation by formatti...

EUVD-2020-6319

Malware in sbrugna...

Applio 路径遍历漏洞

Applio is an open source AI speech conversion tool from Spanish AI Hispano. A path traversal vulnerability exists in Applio 3.2.8-bugfix and earlier versions, which stems from an arbitrary file deletion issue in core.py, where the outputttspath parameter of tts.py accepts arbitrary user input and...

Pharmacy Management System SQL注入漏洞

Pharmacy Management System MPMS is a multilingual pharmacy management system. A SQL injection vulnerability exists in Pharmacy Management System v1.0, which originates from the email parameter in logincore.php that lacks validation of externally entered SQL statements. An attacker can exploit thi...

PT-2021-7106 · Unknown · Ajax.Net Professional

Name of the Vulnerable Software and Affected Versions: Ajax.NET Professional AjaxPro versions prior to 21.12.22.1 Description: The issue relates to JavaScript object injection, which may result in cross-site scripting when leveraged by a malicious user. This occurs due to the deserialization of...

CVE-2020-14162

An issue was discovered in Pi-Hole through 5.0. The local www-data user has sudo privileges to execute the pihole core script as root without a password, which could allow an attacker to obtain root access via shell metacharacters to this script's setdns command...

Updated irssi packages fix security vulnerability

An information disclosure vulnerability was found in the buf.pl core script for irssi. Other users on the same machine may be able to retrieve the whole window contents after /UPGRADE when the buf.pl script is loaded. Furthermore, this dump of the windows contents is never removed afterwards...