CVE-2026-33523

A flaw was found in httpd. When processing responses from an untrusted or compromised backend server, multiple modules fail to sanitize Carriage Return and Line Feed CRLF sequences in the HTTP status line. This issue leads to an HTTP response splitting attack. Mitigation Mitigation for this issue...

CVE-2026-31230

The Adversarial Robustness Toolbox ART thru 1.20.1 contains a command-line argument injection vulnerability in its Kubeflow component robustnessevaluationfgsmpytorch.py. The script uses the unsafe eval function to parse string values provided via the --clipvalues and --inputshape command-line...

EUVD-2026-11077

A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system...

CVE-2024-39314

toy-blog is a headless content management system implementation. Starting in version 0.4.3 and prior to version 0.5.0, the administrative password was leaked through the command line parameter. The problem was patched in version 0.5.0. As a workaround, pass --read-bearer-token-from-stdin to the...

EUVD-2016-7353

Malware in sbrugna...

EUVD-2017-0336

Malware in sbrugna...

EUVD-2016-2438

Malware in sbrugna...

EUVD-2011-2476

Malware in sbrugna...

EUVD-2015-0906

Malware in sbrugna...

EUVD-2013-6791

Malware in sbrugna...

EUVD-2016-5813

Malware in sbrugna...

EUVD-2025-31026

Malicious code in bioql PyPI...

EUVD-2023-42622

Malicious code in bioql PyPI...

EUVD-2023-35736

Malicious code in bioql PyPI...

EUVD-2022-2415

Malicious code in bioql PyPI...

Hewlett Packard Enterprise EdgeConnect SD-WAN 安全漏洞

Hewlett Packard Enterprise EdgeConnect SD-WAN is Hewlett Packard Enterprise's secure network foundation for Zero Trust and SASE. It includes best-in-class SD-WAN and next-generation firewalls that deliver unrivaled quality of experience and advanced security. A security vulnerability exists in...

@c0b41/prettify-error (=1.0.0), assume (>=0.0.10 <=1.4.0) +24 more potentially affected by unknown CVE via failing-line (>=0.0.0 <=0.1.0)

failing-line NPM version =0.0.0, =0.0.10, =7.1.0, =0.0.0, =1.0.0, =0.1.1, =0.0.0, =1.0.0, =0.0.1, =0.0.4 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-20163...

CVE-2025-8846 NASM Netwide Assember parser.c parse_line stack-based overflow

A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parseline of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used...

CVE-2025-54538

CVE-2025-54538 affects JetBrains TeamCity prior to 2025.07. The issue enables password exposure via the command line in the hg pull operation, exposing sensitive credentials under local access. The vulnerability is tied to password handling during the pull process and is documented across multipl...

CVE-2025-54538

In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg pull" command...