Lucene search
K

6 matches found

Circl
Circl
added 2023/08/30 10:12 p.m.5 views

CVE-2023-40582

creationtimestamp| type| source ---|---|--- 2023-08-30 22:12:21+00:00| seen| https://t.me/cibsecurity/69483...

9.8CVSS8.7AI score0.01489EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2023/08/30 8:8 p.m.4 views

@gov.au/pancake (>=0.0.6 <=0.0.10), agile-alarm (>=0.0.1 <=0.0.2) +32 more potentially affected by CVE-2023-40582 via find-exec (>=0.0.3 <=1.0.2)

find-exec NPM version =0.0.3, =0.0.6, =0.0.1, =1.3.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =2.0.0, =0.1.0, =0.1.0, =1.4.0, =1.4.9 and more Source cves: CVE-2023-40582 Source advisory: OSV:GHSA-95RP-6GQP-6622...

9.8CVSS7.2AI score0.01489EPSS
Exploits0
CVE
CVE
added 2023/08/30 5:39 p.m.127 views

CVE-2023-40582

The CVE pertains to the find-exec utility, where earlier versions (prior to 1.0.3) fail to properly escape user input, enabling Command Injection via attacker-controlled parameters. This could allow an attacker to run arbitrary shell commands with the privileges of the running process. The issue ...

9.8CVSS9.8AI score0.01489EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/08/30 5:39 p.m.34 views

CVE-2023-40582 Command Injection Vulnerability in find-exec

find-exec is a utility to discover available shell commands. Versions prior to 1.0.3 did not properly escape user input and are vulnerable to Command Injection via an attacker controlled parameter. As a result, attackers may run malicious shell commands in the context of the running process. This...

9.8CVSS9.3AI score0.01489EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/08/30 5:39 p.m.13 views

CVE-2023-40582 Command Injection Vulnerability in find-exec

find-exec is a utility to discover available shell commands. Versions prior to 1.0.3 did not properly escape user input and are vulnerable to Command Injection via an attacker controlled parameter. As a result, attackers may run malicious shell commands in the context of the running process. This...

9.8CVSS7.3AI score0.01489EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/08/30 5:39 p.m.53 views

CVE-2023-40582 Command Injection Vulnerability in find-exec

find-exec is a utility to discover available shell commands. Versions prior to 1.0.3 did not properly escape user input and are vulnerable to Command Injection via an attacker controlled parameter. As a result, attackers may run malicious shell commands in the context of the running process. This...

9.8CVSS10AI score0.01489EPSS
Exploits0References2
Rows per page
Query Builder