Lucene search
K

4775 matches found

Node.js
Node.js
added 2017/08/08 9:31 p.m.31 views

Hijacked Environment Variables

Overview The nodefabric package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real...

5CVSS4.4AI score0.01177EPSS
Exploits0Affected Software1
Node.js
Node.js
added 2017/08/08 9:23 p.m.27 views

Hijacked Environment Variables

Overview The fabric-js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real...

5CVSS4.7AI score0.01123EPSS
Exploits0Affected Software1
Node.js
Node.js
added 2017/08/08 9:22 p.m.35 views

Hijacked Environment Variables

Overview The sqlserver package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real...

5CVSS4.5AI score0.01123EPSS
Exploits0Affected Software1
Node.js
Node.js
added 2017/08/08 9:20 p.m.22 views

Hijacked Environment Variables

Overview The mssql.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real securi...

5CVSS4.7AI score0.01123EPSS
Exploits0Affected Software1
Node.js
Node.js
added 2017/08/08 6:42 p.m.31 views

Hijacked Environment Variables

Overview The nodemssql package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real...

5CVSS4.4AI score0.01123EPSS
Exploits0Affected Software1
Node.js
Node.js
added 2017/08/07 6:10 p.m.28 views

Hijacked Environment Variables

Overview The mssql-node package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this module is malware, if you find it installed in your environment, the real...

5CVSS4.5AI score0.01123EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2017/08/04 12:0 a.m.36 views

RedHat Update for bash RHSA-2017:1931-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS7.4AI score0.06019EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2017/08/01 2:26 p.m.3 views

bash: Specially crafted SHELLOPTS+PS4 variables allows command substitution

An arbitrary command injection flaw was found in the way bash processed the SHELLOPTS and PS4 environment variables. A local, authenticated attacker could use this flaw to exploit poorly written setuid programs to elevate their privileges under certain circumstances...

8.4CVSS7.4AI score0.00576EPSS
Exploits0References4
NVD
NVD
added 2017/07/17 1:18 p.m.13 views

CVE-2017-1000037

RVM automatically loads environment variables from files in $PWD resulting in command execution RVM vulnerable to command injection when automatically loading environment variables from files in $PWD RVM automatically executes hooks located in $PWD resulting in code execution RVM automatically...

9.8CVSS9.9AI score0.06176EPSS
Exploits1References1
Prion
Prion
added 2017/07/17 1:18 p.m.13 views

Command injection

RVM automatically loads environment variables from files in $PWD resulting in command execution RVM vulnerable to command injection when automatically loading environment variables from files in $PWD RVM automatically executes hooks located in $PWD resulting in code execution RVM automatically...

7.5CVSS9.8AI score0.06176EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2017/07/13 8:0 p.m.46 views

CVE-2017-1000037

CVE-2017-1000037 (RVM) : The connected sources document a code-execution/command-injection vulnerability in the Ruby Version Manager (RVM) where environment variables are automatically loaded from files in the current working directory ($PWD). This behavior allows arbitrary code execution when im...

9.8CVSS9.8AI score0.06176EPSS
Exploits1References1Affected Software1
0day.today
0day.today
added 2017/07/08 12:0 a.m.46 views

Microsoft .NET Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits Hi @ll, all versions of .NET Framework support to load a COM object as code profiler, enabled via two or three environment variables. From | A profiler DLL is an unmanaged DLL that runs as part of the | common language runtime execution...

6.8AI score
Exploits0
FireEye
FireEye
added 2017/06/30 7:0 p.m.24 views

Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques

Throughout 2017 we have observed a marked increase in the use of command line evasion and obfuscation by a range of targeted attackers. Cyber espionage groups and financial threat actors continue to adopt the latest cutting-edge application whitelisting bypass techniques and introduce innovative...

7.2AI score
Exploits0
FireEye
FireEye
added 2017/06/30 7:0 p.m.18 views

Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques

Throughout 2017 we have observed a marked increase in the use of command line evasion and obfuscation by a range of targeted attackers. Cyber espionage groups and financial threat actors continue to adopt the latest cutting-edge application whitelisting bypass techniques and introduce innovative...

0.7AI score
Exploits0
UbuntuCve
UbuntuCve
added 2017/06/23 8:29 p.m.17 views

CVE-2017-9772

Insufficient sanitisation in the OCaml compiler versions 4.04.0 and 4.04.1 allows external code to be executed with raised privilege in binaries marked as setuid, by setting the CAMLCPLUGINS, CAMLNATIVECPLUGINS, or CAMLBYTECPLUGINS environment variable...

10CVSS7.2AI score0.03496EPSS
Exploits0References2
Prion
Prion
added 2017/06/23 8:29 p.m.11 views

Design/Logic Flaw

Insufficient sanitisation in the OCaml compiler versions 4.04.0 and 4.04.1 allows external code to be executed with raised privilege in binaries marked as setuid, by setting the CAMLCPLUGINS, CAMLNATIVECPLUGINS, or CAMLBYTECPLUGINS environment variable...

10CVSS7.5AI score0.03496EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2017/06/23 8:29 p.m.2 views

UBUNTU-CVE-2017-9772

Insufficient sanitisation in the OCaml compiler versions 4.04.0 and 4.04.1 allows external code to be executed with raised privilege in binaries marked as setuid, by setting the CAMLCPLUGINS, CAMLNATIVECPLUGINS, or CAMLBYTECPLUGINS environment variable...

9.8CVSS7.2AI score0.03496EPSS
Exploits0References3
OSV
OSV
added 2017/06/23 3:19 p.m.2 views

OSEC-2017-01 Local privilege escalation issue with ocaml binaries

Description Insufficient sanitisation in the OCaml compiler versions 4.04.0 and 4.04.1 allows external code to be executed with raised privilege in binaries marked as setuid, by setting the CAMLCPLUGINS, CAMLNATIVECPLUGINS, or CAMLBYTECPLUGINS environment variable...

9.8CVSS5.6AI score0.03496EPSS
Exploits0References1
OSV
OSV
added 2017/06/22 12:0 a.m.13 views

PSF-2017-8 Environment variables injection in subprocess on Windows

On Windows, prevent passing invalid environment variables and command arguments to subprocess.Popen. It is possible to inject an environment variable in subprocess on Windows if a user data is passed to a subprocess via environment variable. Check for invalid environment variable names containing...

7AI score
Exploits0References1
Cloud Foundry
Cloud Foundry
added 2017/06/22 12:0 a.m.33 views

USN-3323-1: GNU C Library vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description It was discovered that the GNU C library did not properly handle memory when processing environment variables for setuid programs. A local attacker could use this in combination with another vulnerability...

7.8CVSS7AI score0.02733EPSS
Exploits14
Rows per page
Query Builder