43 matches found
CVE-2020-10250
BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the PKG parameter to uninstall.php3...
EUVD-2020-28263
Malware in sbrugna...
EUVD-2021-0852
Malware in sbrugna...
EUVD-2014-0111
Malware in sbrugna...
EUVD-2021-14702
Malware in sbrugna...
EUVD-2024-38520
Malicious code in bioql PyPI...
EUVD-2023-56705
Malicious code in bioql PyPI...
CVE-2023-46417
TOTOLINK X6000R v9.4.0cu.652B20230116 was discovered to contain a remote command execution RCE vulnerability via the sub415498 function...
CVE-2021-45382
A Remote Command Execution RCE vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End ...
CVE-2021-39383
DWSurvey v3.2.0 was discovered to contain a remote command execution RCE vulnerability via the component /sysuser/SysPropertyAction.java...
CVE-2020-9377
D-Link DIR-610 devices allow Remote Command Execution via the cmd parameter to command.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2012-4981
Toshiba ConfigFree 8.0.38 has a CF7 File Remote Command Execution Vulnerability...
CVE-2025-28039
TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter...
BIT-PYTORCH-2025-32434 PyTorch: `torch.load` with `weights_only=True` leads to remote code execution
PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution RCE vulnerability exists in PyTorch when loading a model using torch.load with...
CVE-2024-51567
upgrademysqlstatus in databases/views.py in CyberPanel aka Cyber Panel before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus by bypassing secMiddleware which is only for a POST request and using shell metacharacters in the...
CVE-2024-46997
DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string. The vulnerability has been fixed in v2.10.1...
CVE-2024-12847
NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been observed to be exploited ...
CVE-2024-44341
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the lan0dhcpsstaticlist parameter. This vulnerability is exploited via a crafted POST request...
CVE-2024-40552
PublicCMS v4.0.202302.e was discovered to contain a remote commande execution RCE vulnerability via the cmdarray parameter at /site/ScriptComponent.java...
CVE-2024-32350
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an authenticated remote command execution RCE vulnerability via the "ipsecPsk" parameter in the "cstecgi.cgi" binary...