294 matches found
EUVD-2020-0083
Malware in sbrugna...
EUVD-2020-0159
Malware in sbrugna...
EUVD-2015-5623
Malware in sbrugna...
EUVD-2002-0646
Malware in sbrugna...
EUVD-1999-1449
Malware in sbrugna...
EUVD-2013-1691
Malware in sbrugna...
EUVD-2024-3357
Malicious code in bioql PyPI...
EUVD-2024-0100
Malicious code in bioql PyPI...
EUVD-2024-31727
Malicious code in bioql PyPI...
EUVD-2022-0042
Malicious code in bioql PyPI...
CVE-2025-9494
An OS command injection vulnerability has been discovered in the Vitogate 300, which can be exploited by malicious users to compromise affected installations. Specifically, the /cgi-bin/vitogate.cgi endpoint is affected, when the form JSON parameter is set to form-0-2. The vulnerability stems fro...
PT-2025-39103
Name of the Vulnerable Software and Affected Versions Vitogate 300 affected versions not specified Description An OS command injection issue exists in the Vitogate 300. A malicious user can exploit this to compromise affected installations. The issue is present in the /cgi-bin/vitogate.cgi API...
Linux Distros Unpatched Vulnerability : CVE-2021-31607
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion...
K000152943: PyYAML vulnerability CVE-2019-20477
Security Advisory Description PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and loadall functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-18342. CVE-2019-20477...
CVE-2012-10048
Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint. The daemon parameter is passed directly to a Popen call in ZenossInfo.py without proper sanitation, allowing authenticated users to execute arbitrary commands on the server as the zenoss user...
CVE-2012-10048
Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint. The daemon parameter is passed directly to a Popen call in ZenossInfo.py without proper sanitation, allowing authenticated users to execute arbitrary commands on the server as the zenoss user...
CVE-2012-10048 Zenoss 3.x showDaemonXMLConfig Command Execution
Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint. The daemon parameter is passed directly to a Popen call in ZenossInfo.py without proper sanitation, allowing authenticated users to execute arbitrary commands on the server as the zenoss user...
CVE-2012-10048 Zenoss 3.x showDaemonXMLConfig Command Execution
Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint. The daemon parameter is passed directly to a Popen call in ZenossInfo.py without proper sanitation, allowing authenticated users to execute arbitrary commands on the server as the zenoss user...
CVE-2012-10048
Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint. The daemon parameter is passed directly to a Popen call in ZenossInfo.py without proper sanitation, allowing authenticated users to execute arbitrary commands on the server as the zenoss user...
CVE-2012-10048
CVE-2012-10048 affects Zenoss Core 3.x. The vulnerability is in the showDaemonXMLConfig endpoint where the daemon parameter is passed directly to a Popen() call in ZenossInfo.py without proper sanitization, allowing an authenticated user to execute arbitrary commands on the server as the zenoss u...