EUVD-2025-21130

Malicious code in bioql PyPI...

CVE-2025-46121

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions stamgrcfgadptaddStaFavourite and stamgrcfgadptaddStaIot pass a client hostname directly to snprintf as the format string. A remote attacker can exploit this flaw either by sendin...

CVE-2025-50123

A CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exists that could cause remote command execution by a privileged account when the server is accessed via a console and through exploitation of the hostname input...

CVE-2025-50123

Schneider Electric EcoStruxure IT Data Center Expert (DCE) versions 8.3 and earlier are affected by CVE-2025-50123 due to insufficient sanitization of the hostname input in the .bcsetup script. The hostname value can pass a format check yet include a semicolon and commands, causing those OS comma...

CVE-2025-50123

A CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exists that could cause remote command execution by a privileged account when the server is accessed via a console and through exploitation of the hostname input...