Lucene search
+L

257 matches found

osv
osv
added 2025/08/04 9:15 p.m.4 views

CVE-2025-51387

The GitKraken Desktop 10.8.0 and 11.1.0 is susceptible to code injection due to misconfigured Electron Fuses. Specifically, the following insecure settings were observed: RunAsNode is enabled and EnableNodeCliInspectArguments is not disabled. These configurations allow the application to be...

9.8CVSS6AI score0.00545EPSS
Exploits0References3
redhatcve
redhatcve
added 2025/05/23 9:45 a.m.6 views

CVE-2024-25249

An issue in He3 App for macOS version 2.0.17, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings...

9.8CVSS8AI score0.01481EPSS
Exploits0References1
almalinux
almalinux
added 2024/11/12 12:0 a.m.30 views

Moderate: skopeo security update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: containers/image: digest type does not guarantee valid type CVE-2024-3727 golang: net: malformed DNS message can cause infinite...

8.3CVSS8.4AI score0.01414EPSS
Exploits0References10
nessus
nessus
added 2024/09/21 12:0 a.m.21 views

FreeBSD : FreeBSD -- ktrace(2) fails to detach when executing a setuid binary (8fb61d94-771b-11ef-9a62-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8fb61d94-771b-11ef-9a62-002590c1f29c advisory. A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not...

7.5CVSS5.7AI score0.00741EPSS
Exploits0References2
packetstorm
packetstorm
added 2024/09/02 12:0 a.m.240 views

eClass LMS 6.2.0 Shell Upload

==================================================================================================================================== | Title : eClass LMS v6.2.0 shell upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | | Vendo...

7.4AI score
Exploits0
ptsecurity
ptsecurity
added 2024/07/31 12:0 a.m.11 views

PT-2024-40828 · Git +1 · Gpac

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow crash. Technical details include a crash type of Stack-buffer-overflow WRITE 4. The crash state involves...

6.9AI score
Exploits0References2
packetstorm
packetstorm
added 2024/07/24 12:0 a.m.326 views

TAIF LMS 5.8.0 Shell Upload

==================================================================================================================================== | Title : TAIF LMS v5.8.0 shell upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | | Vendor ...

7.4AI score
Exploits0
almalinux
almalinux
added 2024/07/15 12:0 a.m.28 views

Important: skopeo security update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 For more details about the securit...

7.5CVSS7.5AI score0.01533EPSS
Exploits0References4
kitploit
kitploit
added 2024/06/03 12:30 p.m.33 views

Startup-SBOM - A Tool To Reverse Engineer And Inspect The RPM And APT Databases To List All The Packages Along With Executables, Service And Versions

This is a simple SBOM utility which aims to provide an insider view on which packages are getting executed. The process and objective is simple we can get a clear perspective view on the packages installed by APT currently working on implementing this for RPM and other package managers. This is...

7.2AI score
Exploits0References2
cnnvd
cnnvd
added 2024/01/28 12:0 a.m.5 views

Kap security breach

Kap is an open source screen recorder from Wulkano Open Source. Kap 3.6.0 version of the previous security vulnerability , the vulnerability stems from the RunAsNode and enableNodeClilnspectArguments settings can execute arbitrary code...

9.8CVSS7.7AI score0.01456EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/01/28 12:0 a.m.5 views

Hyper Security Vulnerability

hyper is a fast, correct HTTP implementation of Rust in the hyperium open source. A security vulnerability exists in Hyper prior to version 3.4.1, which stems from arbitrary code execution via the RunAsNode and enableNodeClilnspectArguments settings...

9.8CVSS7.7AI score0.01574EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/01/27 12:0 a.m.8 views

PT-2024-20050 · Loom · Loom

Name of the Vulnerable Software and Affected Versions: Loom on macOS version 0.196.1 and before Description: An issue in Loom allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. The vendor disputes this issue because it requires local...

9.8CVSS8AI score0.01695EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2023/11/28 12:0 a.m.5 views

PT-2023-31164 · Asana · Asana Desktop

Name of the Vulnerable Software and Affected Versions: Asana Desktop version 2.1.0 Description: The issue allows code injection due to specific Electron Fuses, with inadequate protection against code injection through settings such as RunAsNode and EnableNodeCliInspectArguments. This can be...

7.8CVSS7.7AI score0.04333EPSS
Exploits0References13
nvd
nvd
added 2023/10/11 7:15 p.m.22 views

CVE-2023-38817

An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echodriver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by...

7.8CVSS7.8AI score0.00456EPSS
Exploits1References1
prion
prion
added 2023/10/11 7:15 p.m.24 views

Code injection

An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echodriver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by...

4.3CVSS7.8AI score0.00456EPSS
Exploits1References1Affected Software1
vulnrichment
vulnrichment
added 2023/10/11 12:0 a.m.14 views

CVE-2023-38817

An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echodriver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by...

7.3AI score0.00456EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2023/10/11 12:0 a.m.5 views

PT-2023-26610 · Inspect Element · Echo.Ac

Name of the Vulnerable Software and Affected Versions: Inspect Element Ltd Echo.ac version 5.2.1.0 Description: An issue in Inspect Element Ltd Echo.ac allows a local attacker to gain privileges via a crafted command to the echo driver.sys component. This issue has been reportedly used by various...

7.8CVSS7.9AI score0.00456EPSS
Exploits1References18
cnnvd
cnnvd
added 2023/10/11 12:0 a.m.16 views

Inspect Element Echo.ac Security Vulnerability

Inspect Element Echo.ac is an application from Inspect Element, Inc. A security vulnerability exists in Inspect Element Echo.ac prior to version v.5.2.1.0, which stems from a vulnerability that allows a local attacker to gain privileges via the echodriver.sys component using a crafted command...

7.8CVSS6.9AI score0.00456EPSS
Exploits1References2
cve
cve
added 2023/10/11 12:0 a.m.117 views

CVE-2023-38817

CVE-2023-38817 concerns Inspect Element Ltd Echo.ac v5.2.1.0. Red Hat and other sources confirm a local privilege escalation via a crafted command to the echo_driver.sys component, enabling a user to gain privileges (NT AUTHORITY\SYSTEM). The issue’s root cause is a problematic interaction with e...

7.8CVSS7.8AI score0.00456EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2023/10/11 12:0 a.m.26 views

CVE-2023-38817

An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echodriver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by...

8AI score0.00456EPSS
Exploits1References1
Rows per page
Query Builder