https://advisories.gitlab.com/golang/github.com/inspektor-gadget/inspektor-gadget/CVE-2026-24905/
Inspektor Gadget: Command Injection via malicious buildOptions manipulation | GitLab Advisory...
CVE-2026-24905 Inspektor Gadget: Command Injection via malicious buildOptions manipulation: The ig binary provides a subcommand for image building, used to...
https://akimbocore.com/article/finding-command-injection/
Finding Command Injection - Akimbo Core
Feb 14, 2024 - Command Injection vulnerabilities are a class of application security issue where an attacker can cause the application to execute an underlying operating...
https://www.exploit-db.com/exploits/47536
Moxa EDR-810 - Command Injection / Information Disclosure - Hardware remote Exploit
Oct 22, 2019 - Moxa EDR-810 - Command Injection / Information Disclosure. CVE-2019-10969, CVE-2019-10963. Remote exploit for Hardware platform
https://khalil-shreateh.com/khalil.shtml/it-highlights/security-research/44431-apache-brpc-1-14-0-command-injection.html
Apache bRPC 1.14.0 Command Injection | khalil shreateh
Apache bRPC 1.14.0 Command...
https://guard-api.com/guides/how-to-fix-command-injection-in-qwik/
Fix Command Injection in Qwik | GuardAPI Security Guide
https://advisories.gitlab.com/npm/window-control/CVE-2022-25926/
window-control vulnerable to Command Injection due to improper input sanitization | GitLab Advisory...
CVE-2022-25926 window-control vulnerable to Command Injection due to improper input sanitization: Versions of the package window-control before 1.4.5 is...
https://www.leakycreds.com/vulnerability/CVE-2026-29058
CVE-2026-29058 - AVideo - Command Injection | LeakyCreds
Technical analysis of CVE-2026-29058 including critical severity, CVSS 9.8, impact assessment, and exploitation activity. Updated vulnerability intelligence by...
https://cvefeed.io/vuln/detail/CVE-2022-28573
CVE-2022-28573 - D-Link DIR-823-Pro Command Injection Vulnerability
Nov 21, 2024 - D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetNTPserverSeting. This vulnerability allows attackers...
https://cvefeed.io/vuln/detail/CVE-2012-3076
CVE-2012-3076 - "Cisco TelePresence Recording Server Command Injection Vulnerability"
Apr 29, 2026 - The administrative web interface on Cisco TelePresence Recording Server before 1.8.0 allows remote authenticated users to execute arbitrary commands via...
https://cvefeed.io/vuln/detail/CVE-2022-36455
CVE-2022-36455 - TOTOLink A3600R Command Injection Vulnerability
Nov 21, 2024 - TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi.
https://pentest-tools.com/vulnerabilities-exploits/digiever-ds-2105-pro-command-injection_28605
Digiever DS-2105 Pro - Command Injection (CVE-2023-52163) - Vulnerability & Exploit Database
The risk exists that a remote unauthenticated attacker can fully compromise the server to steal confidential information, install ransomware, or pivot to the...
https://advisories.gitlab.com/composer/magento/core/CVE-2020-9578/
Magento command injection vulnerability | GitLab Advisory Database (GLAD)
CVE-2020-9578 Magento command injection vulnerability: Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and...
https://www.resecurity.com/advisories/vulnerability/fortiwan-os-command-injection-leads-to-privilege-escalation
Resecurity | FortiWAN - OS command injection leads to privilege escalation
https://security.snyk.io/vuln/SNYK-JS-DOCSGPT-8740694
Arbitrary Command Injection in docsgpt | CVE-2025-0868 | Snyk
Critical severity (9.3) Arbitrary Command Injection in docsgpt | CVE-2025-0868
https://cvefeed.io/vuln/detail/CVE-2024-4577
CVE-2024-4577 - PHP-CGI OS Command Injection Vulnerability - [Actively Exploited]
Nov 3, 2025 - In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain...
https://www.anysecura.com/knowledge/what-is-os-command-injection.html
What Is OS Command Injection? An Overlooked but Critical Security Risk
OS Command Injection is a serious security risk from improper execution of OS commands, affecting common enterprise functions and requiring layered prevention...
https://www.securityinfo.it/tag/command-injection/
command injection Archives - Securityinfo.it
https://securityvulnerability.io/vulnerability/CVE-2025-3546
CVE-2025-3546 : Command Injection Vulnerability in H3C Magic Devices by H3C Technologies
Apr 23, 2025 - Explore the command injection vulnerability affecting H3C devices, including the Magic NX series and Magic BE18000, CVE-2025-3546.
https://guard-api.com/guides/how-to-fix-command-injection-in-helidon/
Fix Command Injection in Helidon | GuardAPI Security Guide
https://advisories.gitlab.com/pypi/pydash/CVE-2023-26145/
pydash Command Injection vulnerability | GitLab Advisory Database (GLAD)
CVE-2023-26145 pydash Command Injection vulnerability: This affects versions of the package pydash before 6.0.0. A number of pydash methods such as...
https://stinner-it.com/active-exploitation-of-solarview-compact-command-injection-vulnerabilities-cve-2022-40881-cve-2022-29303-115/
Active Exploitation of SolarView Compact Command Injection Vulnerabilities (CVE-2022-40881,...
https://vulert.com/vuln-db/CVE-2025-6514
CVE-2025-6514: mcp-remote OS Command Injection Vulnerability
CVE-2025-6514 is a critical OS command injection vulnerability in the mcp-remote npm package. Update to version 0.1.16 to secure your application.
https://cvefeed.io/vuln/detail/CVE-2012-2976
CVE-2012-2976 - Symantec Web Gateway Command Injection Vulnerability
Apr 29, 2026 - The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary shell commands via crafted input to...
https://zsecurity.org/blind-command-injection/
Blind Command Injection - zSecurity
Feb 11, 2022 - Hey guys, In this video, I will be discussing blind command injection!
https://www.root-me.org/en/Challenges/Web-Server/PHP-Command-injection
Challenges/Web - Server : PHP - Command injection [Root Me : Hacking and Information Security...
PHP - Command injection : Ping service v1
https://guard-api.com/guides/how-to-fix-command-injection-in-nestjs/
Fix Command Injection in NestJS | GuardAPI Security Guide
https://security.snyk.io/vuln/SNYK-ALPINE323-VIM-14180936
OS Command Injection in vim | CVE-2019-12735 | Snyk
High severity (8.6) OS Command Injection in vim | CVE-2019-12735
https://www.ox.security/blog/mcp-supply-chain-advisory-rce-vulnerabilities-across-the-ai-ecosystem/
MCP STDIO Command Injection: Full Vulnerability Advisory
OX Security's full disclosure advisory for command injection vulnerabilities in MCP STDIO configurations, covering 10 CVEs
https://mobasi.ai/blog/sentinel-update-20260405
Sentinel update: command injection vulnerabilities remediated in UAC | Mobasi
Apr 5, 2026 - As of April 5, 2026, Mobasi's Sentinel program includes three remediated command injection findings in UAC, the Unix-like Artifacts Collector.
https://unit42.paloaltonetworks.com/cve-2020-4006/?pdf=download&lg=en&_wpnonce=949b5ed951
Threat Brief: VMware Command Injection Vulnerability (CVE-2020-4006)
Jun 6, 2024 - We share information about CVE-2020-4006 and recommendations for how to mitigate.
https://www.manning.com/liveproject/remote-OS-command-injection
Remote OS Command Injection - Sashank Dara
Identify the vulnerabilities in provided Java code, modify it to shut the door against a common exploit, and write tests in Postman to ensure your API is...
https://www.exploit-db.com/exploits/45676
D-Link Routers - Command Injection - Hardware webapps Exploit
Oct 12, 2018 - D-Link Routers - Command Injection. CVE-2018-10823. Webapps exploit for Hardware platform
https://soc-news.com/f5-big-ip-command-injection-vulnerability-allows-attackers-to-execute-arbitrary-system-commands/
F5 BIG-IP Command Injection Vulnerability
Dec 29, 2025 - F5 warns of a critical BIG-IP flaw letting admins run system commands. Update now or apply mitigations to avoid potential exploitation.
https://cvefeed.io/vuln/detail/CVE-2022-28582
CVE-2022-28582 - TOTOlink Router Command Injection
Nov 21, 2024 - It is found that there is a command injection vulnerability in the setWiFiSignalCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows...
https://pkg.go.dev/github.com/AcornPublishing/dependency-injection-go/Chapter12/acme
acme command - github.com/AcornPublishing/dependency-injection-go/Chapter12/acme - Go Packages
https://advisories.gitlab.com/maven/org.jenkins-ci.plugins/simple-travis-runner/CVE-2019-10380/
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | GitLab...
CVE-2019-10380 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): Jenkins Simple Travis Pipeline Runner Plugin 1.0 and...
https://stinner-it.com/tp-link-archer-ax-21-command-injection-vulnerability-cve-2023-1389-exploited-in-the-wild-277/
TP-Link Archer AX-21 Command Injection Vulnerability (CVE-2023-1389) Exploited in the Wild |...
https://advisories.gitlab.com/composer/in2code/ipandlanguageredirect/CVE-2023-35782/
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | GitLab...
CVE-2023-35782 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'): The ipandlanguageredirect extension before 5.1.2 for TYPO3...
https://www.invicti.com/web-application-vulnerabilities/piwigo-improper-neutralization-of-special-elements-used-in-an-sql-command-sql-injection-vulnerability-cve-2017-17823
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
The Configuration component of Piwigo 2.9.2 is vulnerable to SQL Injection via the admin/configuration.php order_by array parameter. An atta... Piwigo Improper...
https://rubysec.com/advisories/CVE-2013-2616/
CVE-2013-2616 (mini_magick): MiniMagick Gem for Ruby URI Handling Arbitrary Command Injection -...
CVE-2013-2616 (mini_magick): MiniMagick Gem for Ruby URI Handling Arbitrary Command Injection ...
https://stinner-it.com/tp-link-archer-ax-21-command-injection-vulnerability-cve-2023-1389-exploited-in-the-wild-208/
TP-Link Archer AX-21 Command Injection Vulnerability (CVE-2023-1389) Exploited in the Wild |...
https://devhub.checkmarx.com/cve-details/cve-2019-11600/
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') -...
May 9, 2023 - A SQL injection vulnerability in the activities API in OpenProject before 8.3.2 allows a remote attacker to execute arbitrary SQL commands via the id...
https://advisories.gitlab.com/composer/phpmyadmin/phpmyadmin/CVE-2020-22452/
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | GitLab...
CVE-2020-22452 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'): SQL Injection vulnerability in function...
https://advisories.gitlab.com/nuget/microsoft.netcore.app.runtime.mono.android-x64/CVE-2022-24512/
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | GitLab...
CVE-2022-24512 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): .NET and Visual Studio Remote Code Execution...
https://advisories.gitlab.com/npm/@elgentos/magento2-dev-mcp/CVE-2026-5603/
@elgentos/magento2-dev-mcp vulnerable to command injection | GitLab Advisory Database (GLAD)
CVE-2026-5603 @elgentos/magento2-dev-mcp vulnerable to command injection: A vulnerability was identified in elgentos magento2-dev-mcp up to 1.0.2. The affected...
https://devhub.checkmarx.com/cve-details/cve-2024-1624/
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') -...
https://www.cve.news/cve-2022-43367/
CVE-2022-43367 - Command Injection in IP-COM EW9 V15.11..14(9732) - Exploitation Demystified
Jun 6, 2025 - A critical command injection flaw was discovered in the IP-COM EW9 wireless router, specifically in firmware version V15.11..14(9732). This vulnerability,...
https://advisories.gitlab.com/npm/ssl-utils/CVE-2021-34080/
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | GitLab...
CVE-2021-34080 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): OS Command Injection vulnerability in es128...
https://advisories.gitlab.com/composer/moodle/moodle/CVE-2023-5550/
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | GitLab...
CVE-2023-5550 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): In a shared hosting environment that has been...
https://embracethered.com/blog/posts/2025/amp-agents-that-modify-system-configuration-and-escape/
Amp Code: Arbitrary Command Execution via Prompt Injection Fixed · Embrace The Red
Sandbox-escape-style attacks can happen when an AI is able to modify its own configuration settings, such as by writing to configuration files. That was the …
https://www.openwall.com/lists/oss-security/2017/09/26/9
oss-security - Advisory: Git cvsserver OS Command Injection
https://advisories.gitlab.com/maven/org.apache.tomcat/tomcat/CVE-2016-0714/
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | GitLab...
CVE-2016-0714 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): The session-persistence implementation in Apache...
https://advisories.gitlab.com/gem/net-imap/CVE-2026-42258/
net-imap vulnerable to command Injection via unvalidated Symbol inputs | GitLab Advisory Database...
CVE-2026-42258 net-imap vulnerable to command Injection via unvalidated Symbol inputs: Symbol arguments to commands are vulnerable to a CRLF Injection / IMAP...
https://www.exploit-db.com/exploits/50098
Visual Tools DVR VX16 4.2.28.0 - OS Command Injection (Unauthenticated) - Multiple webapps Exploit
Jul 6, 2021 - Visual Tools DVR VX16 4.2.28.0 - OS Command Injection (Unauthenticated). CVE-2021-42071. Webapps exploit for Multiple platform
https://pentest-tools.com/vulnerabilities-exploits/flir-ax8-14616-remote-command-injection_27191
FLIR AX8 1.46.16 - Remote Command Injection (CVE-2022-37061) - Vulnerability & Exploit Database
The risk exists that a remote unauthenticated attacker can fully compromise the server to steal confidential information, install ransomware, or pivot to the...
https://devhub.checkmarx.com/cve-details/cve-2022-37112/
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') -...
May 9, 2023 - BlueCMS 1.6 has SQL injection in line 55 of admin/model.php
https://stinner-it.com/tp-link-archer-ax-21-command-injection-vulnerability-cve-2023-1389-exploited-in-the-wild-47/
TP-Link Archer AX-21 Command Injection Vulnerability (CVE-2023-1389) Exploited in the Wild |...
https://advisories.gitlab.com/nuget/microsoft.netcore.app.runtime.osx-x64/CVE-2023-21538/
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | GitLab...
CVE-2023-21538 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): .NET Denial of Service Vulnerability.
https://socialmediatotal.com/story6395600/growing-self-confidence-with-tirzepatide-injection-for-diabetes-command
growing self confidence with Tirzepatide Injection for Diabetes Command
https://infinitsec.net/posts/cve-2026-40527-radare2-command-injection-via-dwarf-parameter-names
Report: Update: CVE-2026-40527 - radare2 Command Injection via DWARF Parameter Names - InfinitSec
Apr 18, 2026 - CVE ID: CVE-2026-40527. Published: April 17, 2026, 8:25 p.m. Description: radare2 prior to commit bc5a890 contains a command injection...
https://securing.website/ai-in-the-browser-how-to-harden-extensions-and-assistants-ag
Hardening Browser AI Against Command Injection
Apr 15, 2026 - A developer-focused guide to hardening browser AI against command injection with CSP, sandboxing, allowlists, and telemetry.
https://www.cve.news/cve-2025-25364/
CVE-2025-25364 - Root Command Injection in Speedify VPN (me.connectify.SMJobBlessHelper) up to...
Jan 15, 2026 - Summary On June 4, 2024, a critical command injection vulnerability was disclosed in the Speedify VPN macOS app, affecting versions up to 15... The flaw is...
https://advisories.gitlab.com/npm/openclaw/GHSA-fg3m-vhrr-8gj6/
OpenClaw has Windows Lobster shell fallback command injection in constrained fallback path | GitLab...
GHSA-fg3m-vhrr-8gj6 OpenClaw has Windows Lobster shell fallback command injection in constrained fallback path: On Windows, the Lobster extension previously...
https://aisecurityguard.io/learn/article/cve202622708-how-cursors-ai-agent-became-a-shell-command-inj
CVE-2026-22708: How Cursor's AI Agent Became a Shell Command Injection Vector | AI Security Guard
A critical vulnerability in Cursor's AI-powered code editor (CVE-2026-22708) has exposed a fundamental flaw in how AI agents handle user input validation. The f
https://advisories.gitlab.com/maven/org.xwiki.platform/xwiki-platform-menu/CVE-2023-37909/
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | GitLab...
CVE-2023-37909 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): XWiki Platform is a generic wiki platform offering...
https://cvefeed.io/vuln/detail/CVE-2026-4210
CVE-2026-4210 - D-Link DNS-1550-04 time_machine.cgi cgi_tm_set_share command injection
Apr 29, 2026 - A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326,...
https://advisories.gitlab.com/composer/moodle/moodle/CVE-2023-30944/
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | GitLab...
CVE-2023-30944 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): The vulnerability was found Moodle which exists due...
https://advisories.gitlab.com/nuget/microsoft.netcore.app.runtime.win-arm/CVE-2023-33128/
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | GitLab...
CVE-2023-33128 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): .NET and Visual Studio Remote Code Execution...
https://devhub.checkmarx.com/cve-details/cve-2014-2339/
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') -...
May 9, 2023 - Multiple SQL injection vulnerabilities in bbs/ajax.autosave.php in GNUboard 5.x and possibly earlier allow remote authenticated users to execute arbitrary SQL...
https://advisories.gitlab.com/composer/microweber/microweber/CVE-2023-49052/
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | GitLab...
CVE-2023-49052 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): File Upload vulnerability in Microweber v.2.0.4...
https://zeropath.com/blog/cve-2024-58274-hikvision-csmp-command-injection
Hikvision iSecure Center Command Injection (CVE-2024-58274): Brief Summary and PoC Overview -...
Oct 21, 2025 - This post provides a brief summary of the command injection vulnerability in Hikvision iSecure Center (CVE-2024-58274), including technical details, affected...
https://advisories.gitlab.com/nuget/microsoft.netcore.app.runtime.win-arm64/CVE-2023-36792/
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | GitLab...
CVE-2023-36792 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): Visual Studio Remote Code Execution Vulnerability
https://advisories.gitlab.com/composer/pimcore/pimcore/CVE-2023-2338/
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | GitLab...
CVE-2023-2338 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'): SQL Injection in GitHub repository pimcore/pimcore prior to...
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-vds-cmd-inj-VfJtqGhE
Cisco IOS Software for Cisco Industrial Routers Virtual Device Server CLI Command Injection...
A vulnerability in the CLI parsers of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series...