CVE-2025-32821

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance...

Milesight UG65-868M-EA

RISK EVALUATION Successful exploitation of this vulnerability could allow any user with admin privileges to inject arbitrary shell commands. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Ensure that...

Linux Distros Unpatched Vulnerability : CVE-2015-20107

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow...

SUSE-SU-2025:0599-1 Security update for emacs

This update for emacs fixes the following issues: - CVE-2025-1244: improper handling of custom 'man' URI schemes allow for shell command injections. bsc1237091...

SUSE-SU-2025:0589-1 Security update for emacs

This update for emacs fixes the following issues: - CVE-2025-1244: improper handling of custom 'man' URI schemes allow for shell command injections. bsc1237091...

Security update for emacs

This update for emacs fixes the following issues: CVE-2025-1244: improper handling of custom "man" URI schemes allow for shell command injections. bsc1237091 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE-SU-2025:0574-1 Security update for emacs

This update for emacs fixes the following issues: - CVE-2025-1244: improper handling of custom 'man' URI schemes allow for shell command injections. bsc1237091...

[SECURITY] [DLA 4047-1] sssd security update

Debian LTS Advisory DLA-4047-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin February 09, 2025 https://wiki.debian.org/LTS Package : sssd Version : 2.4.1-2+deb11u1 CVE ID : CVE-2021-3621 CVE-2023-3758 Debian Bug : 992710 1070369 Vulnerabilities were found in sssd...

CVE-2024-42360

SequenceServer lets you rapidly set up a BLAST+ server with an intuitive user interface for personal or group use. Several HTTP endpoints did not properly sanitize user input and/or query parameters. This could be exploited to inject and run unwanted shell commands. This vulnerability has been...

CVE-2024-42502

Authenticated command injection vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability result in the ability to inject shell commands on the underlying operating system...

PT-2025-2192 · Newtec · Newtec/Idirect Ntc2299 +2

Name of the Vulnerable Software and Affected Versions: Newtec/iDirect NTC2218, NTC2250, NTC2299 versions 1.0.1.1 through 2.2.6.19 Description: The issue affects the commit multicast page in the modem's web administration interface, which improperly parses incoming data from the request before...

ABB Cylon Aspect 3.08.01 (servicesUpdate.php) Remote Code Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated blind OS...

CVE-2024-47219

An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows shell command injection...

CVE-2024-47219

An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows shell command injection...

NebulaGraph 安全漏洞

NebulaGraph is a popular open source graphics database open sourced by vesoft. A security vulnerability exists in NebulaGraph version 3.8.0 that stems from allowing shell command injection...

CVE-2024-47219

An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows shell command injection...

PT-2024-32482 · Vesoft · Vesoft Nebulagraph

Name of the Vulnerable Software and Affected Versions: vesoft NebulaGraph versions through 3.8.0 Description: An issue was discovered in vesoft NebulaGraph that allows shell command injection. Recommendations: For versions through 3.8.0, update to a version later than 3.8.0 to resolve the issue. ...

CVE-2024-47219

An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows shell command injection...

Dockwatch Remote Command Execution Exploit

Dockwatch is a container management web UI for docker. It runs by default without authentication, although guidance is available for how to setup credentials for access. It has a Commands feature that allows a user to run docker commands such as inspect, network, ps. Prior to fix, it did not...

SequenceServer 安全漏洞

SequenceServer is an intuitive graphical web interface from the Yannick Wurm team. It is used to run BLAST bioinformatics tools. A security vulnerability exists in SequenceServer versions prior to 3.1.2 that stems from not properly cleaning up user input and query parameters, which could be...