EUVD-2025-208587

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write logs when user's authantication fails. The username is directly concatenated with the command without any sanitization. This allow attackers to inject arbitrary OS commands into the...

Adobe Magento App 安全漏洞

Adobe Magento is the United States of America Odobie Adobe company's set of open source PHP e-commerce system . The system provides features such as rights management, search engine and payment gateway. A security vulnerability exists in Create Magento App that stems from the lack of implementati...

CVE-2017-14178

In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to call journalctl without match arguments and therefore allow unprivileged, unauthenticated users to bypass systemd-journald's access restrictions...

Boa Webserver Terminal Escape Sequence in Logs Command Injection Vulnerability

Boa Webserver is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute arbitrary commands in a terminal. Boa Webserver 0.94.14rc21 is vulnerable; other versions may also be affected. OpenVAS...