4 matches found
EUVD-2025-203835
systeminformation has a Command Injection vulnerability in fsSize function on Windows...
CVE-2025-68154 Command Injection in fsSize() on Windows
systeminformation is a System and OS information library for node.js. In versions prior to 5.27.14, the fsSize function in systeminformation is vulnerable to OS command injection on Windows systems. The optional drive parameter is directly concatenated into a PowerShell command without...
CVE-2025-68154 Command Injection in fsSize() on Windows
systeminformation is a System and OS information library for node.js. In versions prior to 5.27.14, the fsSize function in systeminformation is vulnerable to OS command injection on Windows systems. The optional drive parameter is directly concatenated into a PowerShell command without...
The vulnerability of the disk redirect channel in the implementation of the FreeRDP remote desktop protocol allows a intruder to gain unauthorized access to protected information or cause a service failure.
The vulnerability of the disk redirecting channel in the implementation of the FreeRDP remote desktop protocol is related to the issue where the operation goes beyond the buffer boundaries when checking the input length for parameters /drive, +drives, or +home-drive. Exploiting this vulnerability...