CVE-2015-10145

Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/runcommands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary she...

Gargoyle Router Management Utility 安全漏洞

Gargoyle Router Management Utility is a third-party router firmware from Gargoyle. A security vulnerability exists in Gargoyle Router Management Utility version 1.5.x, which stems from a restricted or insufficient validation of the commands parameter input, which could allow an authenticated...

EUVD-2001-0982

Malware in sbrugna...

EUVD-2020-2521

Malware in sbrugna...

EUVD-2014-6389

Malware in sbrugna...

EUVD-2013-0728

Malware in sbrugna...

EUVD-2024-54340

Malicious code in bioql PyPI...

CVE-2020-10056

A vulnerability has been identified in License Management Utility LMU All versions V2.4. The lmgrd service of the affected application is executed with local SYSTEM privileges on the server while its configuration can be modified by local users. The vulnerability could allow a local authenticated...

CVE-2013-0717

Multiple cross-site request forgery CSRF vulnerabilities in the web-based management utility on the NEC AtermWR9500N, AtermWR8600N, AtermWR8370N, AtermWR8160N, AtermWM3600R, and AtermWM3450RN routers allow remote attackers to hijack the authentication of administrators for requests that 1...

CVE-2024-13804

Unauthenticated RCE in HPE Insight Cluster Management Utility...

CVE-2024-13804

Unauthenticated RCE in HPE Insight Cluster Management Utility...

CVE-2024-13804

Unauthenticated RCE in HPE Insight Cluster Management Utility...

CVE-2024-13804

CVE-2024-13804 is an unauthenticated remote code execution vulnerability affecting Hewlett Packard Enterprise Insight Cluster Management Utility (CMU). Public references indicate impact on CMU version 8.2 and describe exploitation with network access and no authentication to run code with high pr...

CVE-2024-13804

Unauthenticated RCE in HPE Insight Cluster Management Utility...

PT-2025-13633 · Hewlett Packard · Hpe Insight Cluster Management Utility

Name of the Vulnerable Software and Affected Versions: HPE Insight Cluster Management Utility CMU version 8.2 Description: The issue is related to an unauthenticated Remote Code Execution RCE vulnerability in HPE Insight Cluster Management Utility CMU. This vulnerability allows unauthenticated...

Hewlett Packard Enterprise Insight Cluster Management Utility 安全漏洞

Hewlett Packard Enterprise Insight Cluster Management Utility is a utility for Hewlett Packard Enterprise cluster management from Hewlett Packard Enterprise USA. It can be used for monitoring, configuration and management of cluster systems. A security vulnerability exists in Hewlett Packard...

MAL-2024-7944 Malicious code in customer-oauth2-token-management-utility (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7470945b8ee8dd4e437867aa2317e357a5536870671edc131c9c21ee62111acc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PT-2023-12095 · Smu · Smu

Name of the Vulnerable Software and Affected Versions: SMU affected versions not specified Description: The issue is related to insufficient input validation of mailbox data in the SMU, which may allow an attacker to coerce the SMU to corrupt SMRAM. This could potentially lead to a loss of...

An unspecified vulnerability exists in rConfig (CNVD-2021-70096)

rConfig is an open source web configuration management utility. rConfig version 3.9.6 contains a security vulnerability in lib/AjaxHandlers/ajaxEditTemplate.php, which can be exploited by attackers to execute arbitrary code via specially crafted files...

rConfig SQL Injection Vulnerability (CNVD-2021-61756)

rConfig is an open source network device configuration management utility. rConfig version 3.9.5 is vulnerable to a SQL injection vulnerability that stems from an unvalidated dbName parameter in ajaxDbInstall.php, which can be exploited by attackers to access sensitive database information...