CVE-2022-38156

A remote command injection issues exists in the web server of the Kratos SpectralNet device with SpectralNet Narrowband NB before 1.7.5. As an admin user, an attacker can send a crafted password in order to execute Linux commands as the root user...

PT-2026-1821

Name of the Vulnerable Software and Affected Versions Veeam affected versions not specified Description The software contains a flaw that enables a Backup Administrator to execute code remotely as the postgres user. This is achieved by submitting a crafted password parameter. The issue allows for...

EUVD-2018-8764

Malware in sbrugna...

EUVD-2015-8643

Malware in sbrugna...

EUVD-2019-16516

Malware in sbrugna...

EUVD-2022-4813

Malicious code in bioql PyPI...

EUVD-2022-5215

Malicious code in bioql PyPI...

CVE-2025-46123

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where the authenticated configuration endpoint /admin/conf.jsp writes the Wi-Fi guest password to memory with snprintf using the attacker-supplied...

CVE-2025-46123

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where the authenticated configuration endpoint /admin/conf.jsp writes the Wi-Fi guest password to memory with snprintf using the attacker-supplied...

CVE-2019-17203

TeamPass 2.1.27.36 allows Stored XSS at the Search page by setting a crafted password for an item in any folder...

CVE-2019-16904

TeamPass 2.1.27.36 allows Stored XSS by setting a crafted password for an item in a common available folder or sharing the item with an admin. The crafted password is exploitable when viewing the change history of the item or tapping on the item...

CVE-2018-16978

Monstra CMS V3.0.4 has XSS when ones tries to register an account with a crafted password parameter to users/registration, a different vulnerability than CVE-2018-11473...

CVE-2024-45979

A host header injection vulnerability in Lines Police CAD 1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This allows attackers to arbitrarily reset other users' passwords and compromise their accounts...

CVE-2024-45981

A host header injection vulnerability in BookReviewLibrary 1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link...

CVE-2022-38156

A remote command injection issues exists in the web server of the Kratos SpectralNet device with SpectralNet Narrowband NB before 1.7.5. As an admin user, an attacker can send a crafted password in order to execute Linux commands as the root user...

Kratos SpectralNet 命令注入漏洞

Kratos SpectralNet is a carrier-level digitizer for ensuring QoS and SLAs from Kratos USA. A command injection vulnerability exists in Kratos SpectralNet Narrowband NB versions versions prior to 1.7.5. An attacker could exploit this vulnerability by sending a specially crafted password to execute...

CVE-2022-38156

A remote command injection issues exists in the web server of the Kratos SpectralNet device with SpectralNet Narrowband NB before 1.7.5. As an admin user, an attacker can send a crafted password in order to execute Linux commands as the root user...

CVE-2022-30306

A stack-based buffer overflow vulnerability CWE-121 in the CA sign functionality of FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted password...

SUSE CVE-2019-10164

PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the...

GHSA-RPMR-FWH5-24FM TeamPass Cross-site Scripting (XSS) vulnerability

TeamPass 2.1.27.36 allows XSS by setting a crafted password for an item in a folder, and then sharing that item with an admin. The crafted password is exploitable when viewing the change history, or the previous used password field...