CVE-2026-7153 Totolink A8000RU CGI cstecgi.cgi setMiniuiHomeInfoShow os command injection

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setMiniuiHomeInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument sysinfo results in os command injection. The attack can b...

EUVD-2021-1511

Malware in sbrugna...

CVE-2020-36434

An issue was discovered in the sys-info crate before 0.8.0 for Rust. sysinfo::diskinfo calls can trigger a double free...

CVE-2025-44884

CVE-2025-44884 affects Planet FW-WGS-804HPT firmware v1.305b241111. The vulnerability is a stack overflow in the web_sys_infoContact_post function caused by improper input length validation, with the CNVD/CNNVD entries describing potential arbitrary code execution or denial of service. Public det...

CVE-2024-4590

A vulnerability was found in DedeCMS 5.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /src/dede/sysinfo.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the publ...

PT-2024-31843 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A vulnerability was found in DedeCMS, affecting some unknown functionality of the file /src/dede/sys info.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The...

PT-2023-23451 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS versions up to 5.7.108 Description: The issue concerns a problem where an attacker can execute malicious scripts. This is possible due to a flaw in the sys info.php file, specifically through the parameters edit cfg powerby and edit c...

PT-2022-23260 · Dedebiz · Dedebiz

Name of the Vulnerable Software and Affected Versions: DedeBIZ version 6 Description: A remote code execution issue was found in sys info.php, allowing for potential code execution. Recommendations: For DedeBIZ version 6, consider restricting access to the sys info.php file until a patch is...

Double free in sys-info

Affected versions of sys-info use a static, global, list to store temporary disk information while running. The function that cleans up this list, DFCleanup, assumes a single threaded environment and will try to free the same memory twice in a multithreaded environment. This results in consistent...

GHSA-2F5J-3MHQ-XV58 Double free in sys-info

Affected versions of sys-info use a static, global, list to store temporary disk information while running. The function that cleans up this list, DFCleanup, assumes a single threaded environment and will try to free the same memory twice in a multithreaded environment. This results in consistent...

CVE-2020-36434

An issue was discovered in the sys-info crate before 0.8.0 for Rust. sysinfo::diskinfo calls can trigger a double free...

Double free

An issue was discovered in the sys-info crate before 0.8.0 for Rust. sysinfo::diskinfo calls can trigger a double free...

CVE-2020-36434

An issue was discovered in the sys-info crate before 0.8.0 for Rust. sysinfo::diskinfo calls can trigger a double free...

CVE-2020-36434

The CVE-2020-36434 issue affects the Rust crate sys-info prior to version 0.8.0. The root cause is a static/global list used to store temporary disk information; cleanup code (DFCleanup) assumes a single-threaded environment and can free the same memory twice when sys_info::disk_info is invoked c...

bat (=0.18.0), buffett-core (>=0.1.0 <=0.1.1) +73 more potentially affected by CVE-2020-36434 via sys-info (>=0.4.1 <=0.7.0)

sys-info CARGO version =0.4.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =1.3.0, =0.29.0, =0.20.0, =0.1.0, =0.1.0, =1.3.0, =1.8.0, =0.7.0, =0.7.0, =0.31.2 and more Source cves: CVE-2020-36434 Source advisory: OSV:RUSTSEC-2020-0100...

RUSTSEC-2020-0100 Double free when calling `sys_info::disk_info` from multiple threads

Affected versions of sys-info use a static, global, list to store temporary disk information while running. The function that cleans up this list, DFCleanup, assumes a single threaded environment and will try to free the same memory twice in a multithreaded environment. This results in consistent...