CVE-2020-28438

CVE-2020-28438 affects all versions of the npm package deferred-exec. The vulnerability is a command injection in the deferred-exec.js file, with the injection point at line 42 in lib/deferred-exec.js. Multiple sources describe the issue as a command injection affecting the package, without detai...

PT-2022-8894 · Unknown · Deferred-Exec

Name of the Vulnerable Software and Affected Versions: deferred-exec affected versions not specified Description: A command injection issue affects the package. The injection point is located in line 42 in lib/deferred-exec.js. Recommendations: At the moment, there is no information about a newer...

deferred-exec 命令注入漏洞

deferred-exec is a tool for running exec commands by Dan Heberden, an individual developer in the United States. A security vulnerability exists in deferred-exec, which stems from a command injection attack injection point in deferred-exec.js...

deterministic-wasi-ctx (=0.1.3), enarx (>=0.5.0 <=0.5.1) +8 more potentially affected by CVE-2022-31146 via wasmtime (=0.37.0)

wasmtime CARGO version =0.37.0 is affected by a known vulnerability. The following packages have a transitive dependency on wasmtime and may be impacted: - deterministic-wasi-ctx =0.1.3 - enarx =0.5.0, =0.5.1 - enarx-exec-wasmtime =0.5.1 - wasi-tokio =0.37.0 - wasmtime-cli-flags =0.37.0 -...

CVE-2022-31212

An issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied...

DEBIAN-CVE-2022-31212

An issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied...

Stack overflow

An issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied...

UBUNTU-CVE-2022-31212

An issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied...

CVE-2022-31212

An issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied...

CVE-2022-31212

An issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied...

Sourcegraph gitserver sshCommand RCE

A vulnerability exists within Sourcegraph's gitserver component that allows a remote attacker to execute arbitrary OS commands by modifying the core.sshCommand value within the git configuration. This command can then be triggered on demand by executing a git push operation. The vulnerability was...

Sourcegraph gitserver sshCommand Remote Command Execution Exploit

A vulnerability exists within Sourcegraph's gitserver component that allows a remote attacker to execute arbitrary OS commands by modifying the core.sshCommand value within the git configuration. This command can then be triggered on demand by executing a git push operation. The vulnerability was...

CVE-2022-22038 Remote Procedure Call Runtime Remote Code Execution Vulnerability

...

Oracle Linux 8 : go-toolset:ol8addon (ELSA-2022-17956)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-17956 advisory. go-toolset 1.18.3-1 - Update to golang 1.18.3 golang 1.18.3-1.0.1 - Rebase to 1.18.3 by adding upstream patches to the 1.18.0 openssl-fips - Modify...

Unbreakable Enterprise kernel security update

4.14.35-2047.515.3 - uek-rpm: Enable Pensando EMMC reset controller Thomas Tai Orabug: 34325721 - mfd: pensandoelbasr: Add Pensando Elba System Resource Chip Brad Larson Orabug: 34325721 - dsc-drivers: update drivers for 1.15.9-C-65 Shannon Nelson Orabug: 34325721 4.14.35-2047.515.2 - net/rds:...

OESA-2022-1743 containerd security update

containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

DEBIAN-CVE-2022-32088

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exectimetracker::getloops/Filesorttracker::reportuse/filesort...

CVE-2022-32088

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exectimetracker::getloops/Filesorttracker::reportuse/filesort...

MariaDB 安全漏洞

MariaDB is a free and open source database management system from the Mariadb Foundation and a version of the MySQL branch that uses the Maria storage engine.A security vulnerability exists in MariaDB, which stems from a segmentation error found via the component Exectimetracker::...

PT-2022-20611 · Unknown +3 · C-Uitl/C-Shquote +4

Name of the Vulnerable Software and Affected Versions: dbus-broker versions prior to 31 Description: An issue was discovered in dbus-broker where it depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is...