140 matches found
CVE-2026-52756 Ghidra < 12.2 - Unauthenticated Path Traversal in Debugger ISF Server
Ghidra before 12.2 contains an unauthenticated path traversal vulnerability in the IsfServer that accepts TCP connections and passes client-supplied namespace strings directly to filesystem operations without validation. Remote attackers can connect to port 54321 and send crafted protobuf message...
CVE-2026-31996
OpenClaw versions prior to 2026.2.19 tools.exec.safeBins contains an input validation bypass vulnerability that allows attackers to execute unintended filesystem operations through sort output flags or recursive grep flags. Attackers with command execution access can leverage sort -o flag for...
CVE-2026-28442
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, users are restricted from deleting internal system files or folders through the application interface. However, when interacting directly with the API, these restrictions can be...
CVE-2026-28442 ZimaOS: Arbitrary Deletion of Internal System Files via API Path Manipulation
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, users are restricted from deleting internal system files or folders through the application interface. However, when interacting directly with the API, these restrictions can be...
CVE-2025-37146 Unauthorized Filesystem Operations in System Firmware allow Authenticated Remote Code Execution
A vulnerability in the web-based management interface of network access point configuration services could allow an authenticated remote attacker to perform remote command execution. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system...
CVE-2025-37146 Unauthorized Filesystem Operations in System Firmware allow Authenticated Remote Code Execution
A vulnerability in the web-based management interface of network access point configuration services could allow an authenticated remote attacker to perform remote command execution. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system...
CVE-2025-37146
The CVE-2025-37146 entry describes a vulnerability in the web-based management interface of network access point configuration services (e.g., HPE ArubaOS) that can allow an authenticated remote attacker to perform remote command execution on the underlying OS. The public sources indicate exploit...
EUVD-2010-2042
Malware in sbrugna...
EUVD-2011-1834
Malware in sbrugna...
EUVD-2020-2298
Malware in sbrugna...
EUVD-2020-12156
Malware in sbrugna...
EUVD-2020-11968
Malware in sbrugna...
EUVD-2013-3937
Malware in sbrugna...
EUVD-2020-2314
Malware in sbrugna...
EUVD-2020-12180
Malware in sbrugna...
EUVD-2019-9972
Malware in sbrugna...
EUVD-2020-12190
Malware in sbrugna...
EUVD-2020-12074
Malware in sbrugna...
EUVD-2020-2315
Malware in sbrugna...
EUVD-2012-6001
Malware in sbrugna...