CVE-2025-34186 Ilevia EVE X1/X5 Server 4.7.18.0.eden Authentication Bypass

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication mechanism. Unsanitized input is passed to a system call for authentication, allowing attackers to inject special characters and manipulate command parsing. Because the binary interprets non-zero exit...

Cohesive Networks VNS3 操作系统命令注入漏洞

Cohesive Networks VNS3 is a VPN Virtual Private Network solution from Cohesive Networks, Inc. Cohesive Networks VNS3 suffers from an operating system command injection vulnerability that stems from a lack of proper authentication before executing a system call using a user-supplied string. An...

VulnCheck KEV: CVE-2019-10891

An issue was discovered in D-Link DIR-806 devices. There is a command injection in function hnapmain, which calls system without checking the parameter that can be controlled by user, and finally allows remote attackers to execute arbitrary shell commands with a special HTTP header...