CVE-2024-24909

Dell OpenManage Integration with Microsoft Windows Admin Center contains a Remote Code Execution vulnerability in the gateway plugin. A remote authenticated user could potentially exploit this vulnerability to escalate privileges. The malicious user may gain the ability to run arbitrary code...

CVE-2024-22451

Dell Peripheral Manager, versions from 1.5.1 to 1.7.2, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious executable, leading to arbitrary code execution...

CVE-2026-47964

Affected software : DNG SDK (version 1.7.1 2536 and earlier). Vulnerability : Heap-based buffer overflow (CWE-122) in the DNG SDK, potentially allowing arbitrary code execution in the context of the current user. Impact : Arbitrary code execution with high impact (confidentiality/ integrity/ avai...

Malicious code in chai-as-tokenized (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55c10da182a0c79ca5eb0f85c6b2e334b7ee4e90946dfcc34feb44e80afa4485 Package name impersonates chai-as-promised, and the README is a copy of pino's documentation, but the actual code is a remote-code-execution dropper...

MAL-2026-5902 Malicious code in chai-as-tokenized (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55c10da182a0c79ca5eb0f85c6b2e334b7ee4e90946dfcc34feb44e80afa4485 Package name impersonates chai-as-promised, and the README is a copy of pino's documentation, but the actual code is a remote-code-execution dropper...

EUVD-2026-37131

Yeoman Environment provides an API to discover, create, and run generators, and to configure where and how a generator is resolved. Versions 2.9.0 through 6.0.0 install missing local generator packages from caller-supplied package names without user confirmation. In downstream consumers that pass...

CVE-2026-24228

NVIDIA NeMo Framework for Linux contains a vulnerability where an attacker may cause deserialization of untrusted data. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and information disclosure...

EUVD-2026-37130

NVIDIA NeMo Framework for Linux contains a vulnerability where an attacker may cause deserialization of untrusted data. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and information disclosure...

CVE-2026-24228

NVIDIA NeMo Framework for Linux contains a vulnerability where deserialization of untrusted data may lead to code execution, privilege escalation, data tampering, and information disclosure. The connected NVIDIA security bulletin confirms affected product: NVIDIA NeMo Framework for Linux, with af...

CVE-2026-24155

NVIDIA NeMo Framework for all platforms contains a code injection vulnerability. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

CVE-2024-30476

CVE-2024-30476 details a Stored Cross-Site Scripting vulnerability in Dell PowerStore Manager. A remote authenticated, low-privileged attacker could exploit this to execute scripts in the browser of an authenticated user. CVSS v3.1 base score 5.4 (Medium); attack vector: Network; privileges requi...

EUVD-2026-37127

Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79 could be used by attackers operating a malicious DHCP server to execute code on the local machine...

CVE-2026-44932 indirect remote shell command injection via unsanitized DHCP options in wicked

Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79 could be used by attackers operating a malicious DHCP server to execute code on the local machine...

CVE-2026-44932

Wicked (openSUSE/SUSE Linux) is affected by CVE-2026-44932 through an indirect remote shell command injection via unsanitized DHCP options. The root cause is unsanitized DHCP strings being handled by the wicked DHCP client, with leaseinfo dump output and certain option processing allowing code ex...

EUVD-2024-55622

Dell OpenManage Integration with Microsoft Windows Admin Center contains a Remote Code Execution vulnerability in the gateway plugin. A remote authenticated user could potentially exploit this vulnerability to escalate privileges. The malicious user may gain the ability to run arbitrary code...

CVE-2024-24909

The CVE affects Dell OpenManage Integration with Microsoft Windows Admin Center, specifically the gateway plugin, which contains a Remote Code Execution vulnerability. A remote authenticated user could potentially escalate privileges and run arbitrary code remotely, with a CVSS v3.1 base score of...

CVE-2024-24909

Dell OpenManage Integration with Microsoft Windows Admin Center contains a Remote Code Execution vulnerability in the gateway plugin. A remote authenticated user could potentially exploit this vulnerability to escalate privileges. The malicious user may gain the ability to run arbitrary code...

CVE-2026-12398

A command injection vulnerability was found in galaxyng. The dogitcheckout function in the legacy role import API v1 interpolates unsanitized git ref names branch/tag names into shell commands executed via subprocess.run with shell=True. An authenticated user who controls a git repository can...

CVE-2024-22447

Dell Peripheral Manager, versions prior to 1.7.3, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious dll., leading to arbitrary code execution...

CVE-2024-22451

Dell Peripheral Manager (versions 1.5.1–1.7.2) contains an uncontrolled search path element vulnerability that could allow arbitrary code execution via preloading a malicious executable. Affected component is the Dell Peripheral Manager executable path; root cause is an uncontrolled search path e...