EUVD-2026-25970

A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EX3301-T0 firmware versions through 5.50ABVY.7.1C0 could allow an authenticated attacker with administrator privileges to execute OS commands on an affected...

EUVD-2023-42362

Malicious code in bioql PyPI...

EUVD-2024-50361

Malicious code in bioql PyPI...

EUVD-2022-34530

Malicious code in bioql PyPI...

EUVD-2024-19492

Malicious code in bioql PyPI...

EUVD-2022-30972

Malicious code in bioql PyPI...

EUVD-2025-19716

An unauthenticated command injection vulnerability exists in stamparm/maltrail Maltrail versions =0.54. A remote attacker can execute arbitrary operating system commands via the username parameter in a POST request to the /login endpoint. This occurs due to unsafe handling of user-supplied input...

CVE-2025-24351

A vulnerability in the “Remote Logging” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to execute arbitrary OS commands in the context of user “root” via a crafted HTTP request...

CVE-2024-45274

An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication...