86 matches found
CVE-2025-3679
PCMan FTP Server 2.0.7 is affected by a buffer overflow in the HOST Command Handler. The vulnerability arises from improper handling of input in that component, enabling remote exploitation. Several sources indicate the exploit has been disclosed publicly, and advisories suggest disabling the HOS...
CVE-2025-3679 PCMan FTP Server HOST Command buffer overflow
A vulnerability, which was classified as critical, was found in PCMan FTP Server 2.0.7. Affected is an unknown function of the component HOST Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and...
PT-2025-16574 · Unknown · Pcman Ftp Server
Name of the Vulnerable Software and Affected Versions: PCMan FTP Server version 2.0.7 Description: A critical vulnerability was found in the HOST Command Handler component of PCMan FTP Server, leading to a buffer overflow. The attack can be launched remotely, and the exploit has been disclosed to...
PCMan FTP Server Security Vulnerability
PCMan FTP Server is an FTP server software that provides file transfer services. PCMan FTP Server suffers from a buffer overflow vulnerability that stems from the failure of the HOST Command Handler module to properly process input when handling a specific request. No detailed vulnerability detai...
Osmedeus Core Engine Security Vulnerability
Osmedeus Core Engine is a workflow engine for offensive security by the individual developer Ai Ho. A security vulnerability exists in Osmedeus Core Engine version 4.6.4 and earlier, which stems from improper file content filtering and is vulnerable to cross-site scripting attacks, and may also...
AZL-52287 CVE-2024-50008 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy field-spanning write warning in mwifiex_cmd_802_11_scan_ext Replace one-element array with a flexible-array member in struct host_cmd_ds_802_11_scan_ext. With this, fix the following warning: elo 16 17:51:58...
UBUNTU-CVE-2024-47673
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: pause TCM when the firmware is stopped Not doing so will make us send a host command to the transport while the firmware is not alive, which will trigger a WARNING. bad state = 0 WARNING: CPU: 2 PID: 17434 at...
SolarWinds Web Help Desk Code Issue Vulnerability
SolarWinds Web Help Desk is a suite of help desk and asset management software from US-based SolarWinds. The software supports centralized knowledge base, IT asset management, project and task management, and other features. A code issue vulnerability exists in SolarWinds Web Help Desk 12.8.3 and...
PT-2023-13353 · Rws · Rws Worldserver
Name of the Vulnerable Software and Affected Versions: RWS WorldServer versions prior to 11.7.3 Description: An issue was discovered in RWS WorldServer where the /clientLogin endpoint deserializes Java objects without authentication, leading to command execution on the host. Recommendations: For...
CVE-2023-38743
Zoho ManageEngine ADManager Plus before Build 7200 allows admin users to execute commands on the host machine...
CVE-2023-28365
A backup file vulnerability found in UniFi applications Version 7.3.83 and earlier running on Linux operating systems allows application administrators to execute malicious commands on the host device being restored...
Elastic Kibana Code Injection Vulnerability
Elastic Kibana is an application from the Dutch company Elastic. A free and open user interface that enables you to visualize Elasticsearch data and lets you navigate through the Elastic Stack. A security vulnerability exists in Elastic Kibana versions 8.0.0 through 8.7.0. An attacker could explo...
CVE-2022-2253
A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 may send OS commands to execute on the host server...
PT-2022-2711 · Cisco · Cisco Iox +2
Name of the Vulnerable Software and Affected Versions: Cisco IOx affected versions not specified Description: Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operati...
Ansible-Runner OS Command Injection Vulnerability
Ansible-Runner is an open source tool and Python library from Ansible, Inc. It is used to provide assistance when interacting directly with Ansible or as part of another system. Ansible-Runner suffers from an operating system command injection vulnerability that stems from incorrect input...
XStream Remote Code Execution Vulnerability (CVE-2021-29505)
CVE-2021-29505 Vulnerability CVE-2021-29505: XStream is vulnerable to a Remote Command Execution attack. Affected Versions All versions until and including version 1.4.16 are affected, if using the version out of the box. No user is affected, who followed the recommendation to setup XStream's...
CVE-2019-5323
There are command injection vulnerabilities present in the AirWave application. Certain input fields controlled by an administrative user are not properly sanitized before being parsed by AirWave. If conditions are met, an attacker can obtain command execution on the host...
runc: Execution of malicious containers allows for container escape and access to host filesystem
A flaw was found in the way runc handled system file descriptors when running containers. A malicious container could use this flaw to overwrite contents of the runc binary and consequently run arbitrary commands on the container host system...
CVE-2018-2478
An attacker can use specially crafted inputs to execute commands on the host of a TREX / BWA installation, SAP Basis, versions: 7.0 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40 and 7.50 to 7.53. Not all commands are possible, only those that can be executed by the adm user. The commands executed depen...
RHEL 7 : glusterfs (RHSA-2018:1954)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1954 advisory. GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance fo...