Microsoft 365 Copilot 命令注入漏洞

Microsoft 365 Copilot is a generative AI collaboration assistant integrated into the Microsoft Office suite. Microsoft 365 Copilot has a command injection vulnerability, which stems from improper of special elements during command injections. This vulnerability could allow unauthorized attackers ...

Microsoft Edge 安全漏洞

Microsoft Edge is a web browser included with Windows 10 and later versions from Microsoft. There is a security vulnerability in Microsoft Edge, which allows attackers to manipulate the system in certain ways...

Malicious code in python-files-mod (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3f9a5cad398dbfcea1ea0ed1a7b20c678a67941581a4562aa92703ac86ee421a Disguised as file system manipulation library, the package hides an obfuscated code to communicate with a Telegram channel. Though the usage is not known at th...

CVE-2026-22914

An attacker with limited permissions may still be able to write files to specific locations on the device, potentially leading to system manipulation...

CVE-2026-22914

An attacker with limited permissions may still be able to write files to specific locations on the device, potentially leading to system manipulation...

EUVD-2026-2819

An attacker with limited permissions may still be able to write files to specific locations on the device, potentially leading to system manipulation...

CVE-2026-22914

An attacker with limited permissions may still be able to write files to specific locations on the device, potentially leading to system manipulation...

CVE-2026-22914

An attacker with limited permissions may still be able to write files to specific locations on the device, potentially leading to system manipulation...

CVE-2026-22914

CVE-2026-22914 affects the SICK TDC-X401GL product per the PSIRT entry. The available documentation states that an attacker with limited permissions may write files to specific locations on the device, potentially enabling system manipulation. The Red Hat and CVE pages reiterate the same descript...

CVE-2026-22914

An attacker with limited permissions may still be able to write files to specific locations on the device, potentially leading to system manipulation...

EUVD-2019-4742

Malware in sbrugna...

EUVD-2017-9443

Malware in sbrugna...

EUVD-2013-7266

Malware in sbrugna...

EUVD-2021-19564

Malware in sbrugna...

EUVD-2024-44112

Malicious code in bioql PyPI...

EUVD-2022-44008

Malicious code in bioql PyPI...

Cisco UCS Manager Software 操作系统命令注入漏洞

Cisco UCS Manager Software is a device management software from Cisco. Cisco UCS Manager Software suffers from an operating system command injection vulnerability that stems from insufficient validation of command parameter inputs, which could lead to file system manipulation...

CVE-2025-3771

A path or symbolic link manipulation vulnerability in SIR 1.0.3 and prior versions allows an authenticated non-admin local user to overwrite system files with SIR backup files, which can potentially cause a system crash. This was achieved by adding a malicious entry to the registry under the...

CVE-2023-26526

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Nota-Info Bookly allows Path Traversal, Manipulating Web Input to File System Calls.This issue affects Bookly: from n/a through 21.7.1...

CVE-2023-1412

An unprivileged non-admin user can exploit an Improper Access Control vulnerability in the Cloudflare WARP Client for Windows = 2022.12.582.0 to perform privileged operations with SYSTEM context by working with a combination of opportunistic locks oplock and symbolic links which can both be creat...