PT-2026-21552

Name of the Vulnerable Software and Affected Versions TOTOLINK X6000R version 9.4.0cu.1498 B20250826 Description The software contains an OS command injection issue in the NTPSyncWithHost handler of the /usr/sbin/shttpd executable. The host time parameter is processed by the sub 40C404 function a...

CVE-2025-66259

Authenticated Root Remote Code Execution via improrer user input filtering in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform in mainok.php user supplied data/hour/time is passed directl...

EUVD-2025-199669

Authenticated Root Remote Code Execution via improrer user input filtering in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform in mainok.php user supplied data/hour/time is passed directl...

DB Electronica Mozart FM Transmitter 安全漏洞

The DB Electronica Mozart FM Transmitter is a line of professional-grade FM radio transmitters from the Italian company DB Electronica. A security vulnerability exists in DB Electronica Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, and 7000, which originates...

PT-2025-48113

Name of the Vulnerable Software and Affected Versions DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30 through 7000 Description The software contains a flaw that allows for remote code execution. An attacker with authentication can execute code due to insufficient input...

D-Link DIR-816 Command Injection Vulnerability (CNVD-2019-02398)

D-Link DIR-816 is a home router product from AUO. A command injection vulnerability exists in the D-Link DIR-816 A2 version 1.10 B05, which stems from the program's use of the 'datetime' parameter value to construct the 'date -s "%s"' command, which can be exploited by an attacker to this...

CVE-2014-9471

The parsedatetime function in GNU coreutils allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command...

DEBIAN-CVE-2014-9471

The parsedatetime function in GNU coreutils allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command...

Command injection

The parsedatetime function in GNU coreutils allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command...

CVE-2014-9471

The parsedatetime function in GNU coreutils allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command...

CVE-2014-9471

The parsedatetime function in GNU coreutils allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command...

UBUNTU-CVE-2014-9471

The parsedatetime function in GNU coreutils allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command...

SuSE 10 Security Update : coreutils (ZYPP Patch Number 7655)

This update of coreutils fixes the following security issue : - 697897: coreutils: when running 'su -c' to execute commands as different user the target user could inject command back into the calling users terminal via the TIOCSTI ioctl. This update also fixes the following non-security issues :...

CVE-2009-1300

apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight...

Command injection

apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight...

CVE-2009-1300

CVE-2009-1300 affects the apt package (dpkg front-end) where the cron.daily script can fail to load security updates in time zones with DST at midnight because the date command’s return code is not checked. Connected advisories confirm the issue across multiple distributions (Debian etch, lenny; ...

CVE-2009-1300

apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight...

CVE-2009-1300

apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight...