CVE-2026-4157 ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability

ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex devices. Authentication is not required to exploit this vulnerability. The...

EUVD-2024-44193

Malicious code in bioql PyPI...

Exploit for CVE-2025-2894

Unitree Robot BLE Service Command Injection Analysis !Meme...

CVE-2025-34035 EnGenius EnShare IoT Gigabit Cloud Service Command Injection

An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected...

AlmaLinux 8 : webkit2gtk3 (ALSA-2025:2034)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:2034 advisory. webkitgtk: Processing maliciously crafted web content may lead to memory corruption CVE-2024-54543 webkitgtk: A maliciously crafted webpage may be able to...

CVE-2022-22688

Improper neutralization of special elements used in a command 'Command Injection' vulnerability in File service functionality in Synology DiskStation Manager DSM before 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified vectors...

Debian DLA-1519-1 : python2.7 security update

Multiple vulnerabilities were found in the CPython interpreter which can cause denial of service, information gain, and arbitrary code execution. CVE-2017-1000158 CPython aka Python is vulnerable to an integer overflow in the PyStringDecodeEscape function in stringobject.c, resulting in heap-base...