CVE-2022-25265

In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 e.g., with GCC 3.2.2 and Linux kernel 2.4.20. This can cause execution of bytes located in supposedly non-executable regions of a file...

DEBIAN-CVE-2022-25265

In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 e.g., with GCC 3.2.2 and Linux kernel 2.4.20. This can cause execution of bytes located in supposedly non-executable regions of a file...

CVE-2022-25265

In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 e.g., with GCC 3.2.2 and Linux kernel 2.4.20. This can cause execution of bytes located in supposedly non-executable regions of a file...

Design/Logic Flaw

In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 e.g., with GCC 3.2.2 and Linux kernel 2.4.20. This can cause execution of bytes located in supposedly non-executable regions of a file...

UBUNTU-CVE-2022-25265

In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 e.g., with GCC 3.2.2 and Linux kernel 2.4.20. This can cause execution of bytes located in supposedly non-executable regions of a file...

CVE-2022-25265

In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 e.g., with GCC 3.2.2 and Linux kernel 2.4.20. This can cause execution of bytes located in supposedly non-executable regions of a file...

CVE-2022-25265

In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 e.g., with GCC 3.2.2 and Linux kernel 2.4.20. This can cause execution of bytes located in supposedly non-executable regions of a file...

CVE-2019-16864

CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code Execution by leveraging a Windows user account that has SSH access. The exec command is always run as SYSTEM...

Remote code execution

CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code Execution by leveraging a Windows user account that has SSH access. The exec command is always run as SYSTEM...

PT-2022-2081 · Tp Link · Tp-Link Tl-Wr840N

Name of the Vulnerable Software and Affected Versions: TP-LINK TL-WR840NES version V6.20 180709 Description: The issue is related to a command injection vulnerability. It is associated with the util execSystem function in the libcmm.so module of the TP-Link TL-WR840N ES router's firmware. The...

GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability in CVE-2014-6271...

Mageia: Security Advisory (MGASA-2018-0484)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-46532

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via execexpr at src/mjsexec.c. This vulnerability can lead to a Denial of Service DoS...

CVE-2021-44981

In QuickBox Pro v2.5.8 and below, the config.php file has a variable which takes a GET parameter value and parses it into a shellexec''; function without properly sanitizing any shell arguments, therefore remote code execution is possible. Additionally, as the media server is running as root by...

ai.databand.azkaban:azkaban-common (=3.18.0), ai.databand.azkaban:azkaban-exec-server (=3.18.0) +7208 more potentially affected by CVE-2022-21363 via mysql:mysql-connector-java (>=3.0.10 <=8.0.27)

mysql:mysql-connector-java MAVEN version =3.0.10, =0.5.0, =0.5.0, =0.1.0, =4.1.3, =0.0.13, =1.13.3, =j8.2.2.0, =2.1.0, =1.0.0, =0.0.3, =0.1.0, =0.1.3-20200811-2e41939 and more Source cves: CVE-2022-21363 Source advisory: OSV:GHSA-G76J-4CXX-23H9...

R818 代码问题漏洞

Allwinner Technology R818 is a quad-core intelligent voice with screen chip from Allwinner Technology Zhuhai, China. A security vulnerability exists in the Allwinner R818 SoC Android Q SDK V1.0, which originates from a NULL pointer dereference in the open exec function that could execute a...

Improper Privilege Management in shelljs

Impact Output from the synchronous version of shell.exec may be visible to other users on the same system. You may be affected if you execute shell.exec in multi-user Mac, Linux, or WSL environments, or if you execute shell.exec as the root user. Other shelljs functions including the asynchronous...

CVE-2021-46020

An untrusted pointer dereference in mrbvmexec of mruby v3.0.0 can lead to a segmentation fault or application crash...

Exploit for Out-of-bounds Write in Solarwinds Serv-U

Serv-U CVE-2021-35211 Exploit Potential for DoS - check yo...

Information Disclosure

shelljs is vulnerable to information disclosure. The vulnerability exists in ShellJS exec function of exec.js because the file permissions have not been locked down which allows an attacker to gain access to sensitive information of file system of the running scripts and crash application...