EUVD-2026-3620

Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows authenticated attackers to write files to arbitrary locations using the API index.php endpoint. Attackers can exploit the v-make-tmp-file command to write SSH keys or other content to specific file paths on the...

MiracleLinux 4 : file-5.04-30.AXS4 (AXSA:2016-325:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-325:01 advisory. The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file...

MiracleLinux 4 : file-5.04-21.AXS4 (AXSA:2014-614:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-614:01 advisory. Description : The file command is used to identify a particular file according to the type of data contained by the file. File can identify many...

MiracleLinux 4 : mysql-5.1.66-2.0.1.AXS4 (AXSA:2013-03:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-03:01 advisory. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different clie...

D-Link DIR-852 HNAP1 File Command Injection Vulnerability

D-Link DIR-852 is a dual-band Gigabit wireless router from Youxun Technology, focusing on home networking solutions and supporting Xunlei remote download function. The D-Link DIR-852 suffers from a command injection vulnerability that stems from the failure of file /HNAP1/ to properly filter...

PT-2025-41300

Name of the Vulnerable Software and Affected Versions wonderwhy-er DesktopCommanderMCP versions up to 0.2.13 Description A flaw exists within the software that allows for operating system command injection. This occurs due to improper handling of commands within the extractBaseCommand function...

Desktop Commander MCP 操作系统命令注入漏洞

Desktop Commander MCP is an MCP server by the individual developer Eduard Ruzga. An operating system command injection vulnerability exists in Desktop Commander MCP version 0.2.13 and earlier, which stems from improper manipulation of the function CommandManager in the file src/command-manager.ts...

EUVD-2019-0807

Malware in sbrugna...

EUVD-2016-9417

Malware in sbrugna...

EUVD-2003-0098

Malware in sbrugna...

EUVD-2025-3654

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2019-18888

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. If an application passes unvalidat...

file security update

An update is available for file. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The file command is used to identify a particular file according to the type of...

RLSA-2024:2512 Low: file security update

The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format ELF binary files, system libraries, RPM packages, and different graphics formats. Security Fixes: file:...

Low: Red Hat Security Advisory: file security update

An update for file is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

ALSA-2024:2512 Low: file security update

The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format ELF binary files, system libraries, RPM packages, and different graphics formats. Security Fixes: file:...

CVE-2023-38317

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

Exploit for Code Injection in Sitecore Experience_Commerce

Sitecore Remote Code Execution Vulnerability CVE: 2023-35813 d...

CVE-2023-5399

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause tampering of files on the personal computer running C-Bus when using the File Command...

CVE-2023-5399

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause tampering of files on the personal computer running C-Bus when using the File Command...