459 matches found
EUVD-2023-39761
Malicious code in bioql PyPI...
EUVD-2025-28866
Malicious code in bioql PyPI...
EUVD-2025-31021
Malicious code in bioql PyPI...
EUVD-2025-27500
Malicious code in bioql PyPI...
EUVD-2022-34513
Malicious code in bioql PyPI...
EUVD-2023-28541
Malicious code in bioql PyPI...
EUVD-2022-50315
Malicious code in bioql PyPI...
CVE-2025-59738
AndSoft e-TMS v25.03 contains an OS command-injection vulnerability. The flaw originates from the misuse of the m parameter in the /clt/LOGINFRM_BET.ASP endpoint, exploitable via a POST request to run operating-system commands on the server. Public advisories (NVD, CNVD/CNNVD, CIRCL/CVE) confirm ...
CVE-2025-59738 Multiple vulnerabilities in AndSoft's e-TMS
Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier is a 'm' parameter in '/clt/LOGINFRMBET.ASP'...
PT-2025-40357
Name of the Vulnerable Software and Affected Versions AndSoft e-TMS version 25.03 Description An operating system command injection issue exists in AndSoft e-TMS version 25.03. This allows an attacker to execute operating system commands on the server. The issue is exploitable by sending a POST...
CVE-2025-11005 TOTOLINK X6000R Unauthenticated Command Injection Vulnerability
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1458B20250708...
CVE-2025-52906
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1360B20241207...
CVE-2025-52906
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1360B20241207...
CVE-2025-10589
The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server...
CVE-2025-10589
The CVE-2025-10589 entry concerns OS Command Injection in N-Partner’s N-Reporter, N-Cloud, and N-Probe. Affected components are the N-Reporter/N-Cloud/N-Probe products (authentic remote access) and the underlying issue allows injection and execution of arbitrary OS commands on the server. Severit...
CVE-2025-10589 N-Partner|N-Reporter, N-Cloud, N-Probe - OS Command Injection
The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server...
Chaos Mesh 操作系统命令注入漏洞
Chaos Mesh is an open source cloud-native engineering platform from Chaos Mesh Open Source. Chaos Mesh suffers from an OS command injection vulnerability that stems from the killProcesses mutation being susceptible to an os command injection attack that could lead to remote code execution...
CVE-2025-10265
Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device...
CVE-2025-10265 Digiever|NVR - OS Command Injection
Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device...
CVE-2025-9996
CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause the execution of any shell command when executing a netstat command using BLMon Console in an SSH session...