Microsoft Copilot 命令注入漏洞

Microsoft Copilot is an artificial intelligence-based assistant tool developed by Microsoft. It offers capabilities such as content generation, code writing, and office collaboration. Microsoft Copilot has a command injection vulnerability, which stems from improper neutralization of special...

CVE-2025-70039

CVE-2025-70039 affects linagora Twake 2023.Q1.1223 with a CWE-78 OS command injection vulnerability. Base CVSS 3.1: 9.8 (_network, no auth, no user interaction, impact high for confidentiality, integrity, and availability). Root cause: improper neutralization of special elements used in an OS com...

CVE-2025-0636

CVE-2025-0636 affects Ericsson RAN Compute and Ericsson Site Controller (EMCLI). The issue is a high-severity vulnerability arising from improper neutralization of special elements used in an OS command, potentially enabling Arbitrary Code Execution. The publicly documented details across multipl...

MENNEKES Ladesäule Smart 安全漏洞

MENNEKES Ladesäule Smart is a smart charging post from MENNEKES. A security vulnerability exists in MENNEKES Ladesäule Smart that stems from improper OS command neutralization, which could lead to command execution...

Microchip TimeProvider 4100 操作系统命令注入漏洞

Microchip TimeProvider 4100 is a gateway clock from Microchip, Inc. A security vulnerability exists in the Microchip TimeProvider 4100 prior to version 2.4.7 that stems from improper neutralization of special elements of operating system commands, resulting in OS command injection...

GitHub Enterprise Server 参数注入漏洞

GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server versions prior to 3.7.1, which...