Lucene search
+L

25 matches found

attackerkb
attackerkb
added 2021/04/18 6:35 p.m.3 views

CVE-2021-23374

This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

9.8CVSS5.8AI score0.01336EPSS
Exploits1References3
attackerkb
attackerkb
added 2021/03/18 12:36 p.m.5 views

CVE-2021-23359

This affects all versions of package port-killer. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization. Running this PoC will cause the command touch success to be...

8.8CVSS5.8AI score0.01654EPSS
Exploits1References3
attackerkb
attackerkb
added 2021/03/09 6:27 p.m.4 views

CVE-2021-23352

This affects the package madge before 4.0.1. It is possible to specify a custom Graphviz path via the graphVizPath option parameter which when the .image, .svg or .dot functions are called, is executed by the childprocess.exec function...

9.8CVSS5.4AI score0.02057EPSS
Exploits1References4
snyk
snyk
added 2020/02/28 9:12 a.m.25 views

Sandbox Escape

Overview safe-eval is a Safer version of eval Affected versions of this package are vulnerable to Sandbox Escape. It is possible for an attacker to run an arbitrary command on the host machine. POC by Anirudh Anand for node 12.13.0 const safeEval = require'safe-eval'; const theFunction = function...

9.8CVSS7AI score0.0143EPSS
Exploits1References2
cve
cve
added 2005/10/25 4:0 a.m.52 views

CVE-2004-2504

The CVE affects Alt-N Technologies MDaemon (7.2 and earlier, including 6.8). The GUI creates new files by launching child processes (e.g., NOTEPAD.EXE) with SYSTEM privileges, enabling local users with physical access to escalate privileges. Root cause is the GUI spawning and executing external e...

7.2CVSS6.4AI score0.00484EPSS
Exploits1References8Affected Software1
Rows per page
Query Builder