CVE-2026-6113 Totolink A7100RU CGI cstecgi.cgi setTtyServiceCfg os command injection

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this vulnerability is the function setTtyServiceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument ttyEnable leads to os command injection. The attack...

Malicious code in tracking-service-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbea868891563a569959fb4cb0283257c07da112b0e854b53431157e0a12af57 The package tracking-service-config was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-1457 Malicious code in tracking-service-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbea868891563a569959fb4cb0283257c07da112b0e854b53431157e0a12af57 The package tracking-service-config was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in service-config-provider (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 40822518b54e1e34955d491e8ede52f50b7da5e2146715795dade573b232ec10 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-39841

A SQL Injection vulnerability exists in the service configuration functionality in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23...

Citrix Delivery Controllers generates Event ID 505 and Event ID 3602 continuously

Upgrading CVAD version to 2308 generates“Citrix ConfigSync Service” with "Event ID “505 ” and "Citrix High Availability Service" with "Event ID 3602" The Citrix Config Sync Service failed an import. Error details: Error importing configuration data into secondary Broker...

PT-2023-15388 · Rsa · Rsa Netwitness Platform

Name of the Vulnerable Software and Affected Versions: RSA NetWitness Platform versions prior to 12.2 Description: The issue allows local and admin Windows user accounts to modify the endpoint agent service configuration, either disabling it completely or running user-supplied code or commands...

CVE-2022-20207

In static definitions of GattServiceConfig.java, there is a possible permission bypass due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

ASUS BMC Firmware 安全特征问题漏洞

ASUS BMC Firmware is a firmware from Asus China. A buffer overflow vulnerability exists in the ASUS BMC's firmware Web management page, which originates from the Web Service configuration function not validating the length of a string entered by the user, and can be exploited by a remote attacker...