14 matches found
EUVD-2021-13160
Malware in sbrugna...
EUVD-2025-23681
Malicious code in bioql PyPI...
EUVD-2023-55037
Malicious code in bioql PyPI...
CVE-2025-8640
The CVE-2025-8640 entry describes a command-injection vulnerability in Kenwood DMX958XR firmware update handling. The flaw arises from insufficient validation of a user-supplied string used to construct a system call, enabling a physically present attacker to run code as root without authenticati...
PT-2025-26148 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A kernel infoleak has been reported at vcs read due to a buffer that can be read immediately after a resize operation. The issue is resolved by initializing the buffer using kzalloc. T...
CVE-2024-27629
An issue in dc2niix before v.1.0.20240202 allows a local attacker to execute arbitrary code because the generated file name is not properly escaped and is injected into a system call when certain types of compression are used...
CVE-2024-23971
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OCPP messages. The issue results from...
CVE-2023-42005
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 3.5, 4.0, 4.5, 4.6, 4.7, and 4.8 could allow a user with access to the Kubernetes pod to make system calls compromising the security of containers. IBM X-Force ID: 265264...
CVE-2024-54805
Netgear WNR854T 1.5.2 North America is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updating the nvram parameter getemail, after which they can visit the sendlog.cgi endpoint, which uses the parameter in a system call, to achieve command execution...
(0Day) BEC Technologies Multiple Routers sys ping Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of BEC Technologies Multiple Routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that the target must acquire data from a malicious mobile device. The specific flaw exists within the...
CVE-2022-42433
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N TL-WR841NUSV14220121 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
CVE-2022-40719
This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpdgeneric.lua plugin for the xupnpd service, which...
WinRAR 1.0 Local Buffer Overflow Exploit
Exploit for unknown platform in category local exploits. WinRAR 1.0 Local Buffer Overflow Exploit. WinRar local buffer overflow exploit V1.0, coded by ATmaCA. Copyright © 2004 ProGroup Software, Inc...