161 matches found
PT-2025-38667
Name of the Vulnerable Software and Affected Versions CosmodiumCS OnlyRAT versions prior to 3.3 Description A vulnerability exists in CosmodiumCS OnlyRAT. The connect/remote upload/remote download function within the main.py file of the Configuration File Handler component is affected. Manipulati...
CVE-2025-9176
A security flaw has been discovered in neurobin shc up to 4.0.3. Impacted is the function make of the file src/shc.c of the component Environment Variable Handler. The manipulation results in os command injection. The attack is only possible with local access. The exploit has been released to the...
CVE-2025-9176
CVE-2025-9176 affects neurobin shc up to version 4.0.3. The vulnerability is in the Environment Variable Handler, specifically the make function in src/shc.c, enabling local OS command injection. Exploitation requires local access, and public exploits/ PoC are mentioned in multiple sources. Remed...
CVE-2025-9174
A vulnerability was determined in neurobin shc up to 4.0.3. This vulnerability affects the function make of the file src/shc.c of the component Filename Handler. Executing manipulation can lead to os command injection. The attack can only be executed locally. The exploit has been publicly disclos...
CVE-2025-9174 neurobin shc Filename shc.c make os command injection
A vulnerability was determined in neurobin shc up to 4.0.3. This vulnerability affects the function make of the file src/shc.c of the component Filename Handler. Executing manipulation can lead to os command injection. The attack can only be executed locally. The exploit has been publicly disclos...
CVE-2025-9174 neurobin shc Filename shc.c make os command injection
A vulnerability was determined in neurobin shc up to 4.0.3. This vulnerability affects the function make of the file src/shc.c of the component Filename Handler. Executing manipulation can lead to os command injection. The attack can only be executed locally. The exploit has been publicly disclos...
PT-2025-33886 · Unknown · Neurobin Shc
Name of the Vulnerable Software and Affected Versions: neurobin shc versions through 4.0.3 Description: A security flaw has been discovered in the Environment Variable Handler component of neurobin shc. The make function within the src/shc.c file is affected, resulting in operating system command...
Linux Distros Unpatched Vulnerability : CVE-2025-1369
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as critical was found in MicroWord eScan Antivirus 7.0.32 on Linux. Affected by this vulnerability is an unknown functionality of the...
NewStart CGSL MAIN 7.02 : emacs Multiple Vulnerabilities (NS-SA-2025-0115)
The remote NewStart CGSL host, running version MAIN 7.02, has emacs packages installed that are affected by multiple vulnerabilities: - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C...
CVE-2025-7883
A vulnerability classified as critical has been found in Eluktronics Control Center 5.23.51.41. Affected is an unknown function of the file \AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to command injection. Attacking locally is a...
CVE-2023-3097
A vulnerability was found in KylinSoft kylin-software-properties on KylinOS. It has been rated as critical. This issue affects the function setMainSource. The manipulation leads to os command injection. Local access is required to approach this attack. The exploit has been disclosed to the public...
CVE-2023-2091
A vulnerability classified as critical was found in KylinSoft youker-assistant on KylinOS. Affected by this vulnerability is the function adjustcpufreqscalinggoverner. The manipulation leads to os command injection. It is possible to launch the attack on the local host. The exploit has been...
Linux Distros Unpatched Vulnerability : CVE-2022-48338
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The...
Dell ThinOS 命令注入漏洞
Dell ThinOS is a client operating system from the American company Dell. A command injection vulnerability exists in Dell ThinOS version 2408, which stems from improper neutralization of special elements, and can be exploited by an attacker with local access rights to cause command execution...
CVE-2024-9145
Wiz Code Visual Studio Code extension in versions 1.0.0 up to 1.5.3 and Wiz legacy Visual Studio Code extension in versions 0.13.0 up to 0.17.8 are vulnerable to local command injection if the user opens a maliciously crafted Dockerfile located in a path that has been marked as a "trusted folder"...
CVE-2024-9145 Local command injection in Wiz Code Visual Studio Code extension
Wiz Code Visual Studio Code extension in versions 1.0.0 up to 1.5.3 and Wiz legacy Visual Studio Code extension in versions 0.13.0 up to 0.17.8 are vulnerable to local command injection if the user opens a maliciously crafted Dockerfile located in a path that has been marked as a "trusted folder"...
PT-2024-39454 · Microsoft +1 · Visual Studio Code +2
Name of the Vulnerable Software and Affected Versions: Wiz Code Visual Studio Code extension versions 1.0.0 through 1.5.3 Wiz legacy Visual Studio Code extension versions 0.13.0 through 0.17.8 Description: The issue allows for local command injection when a user opens a maliciously crafted...
Wiz Code和Wiz (legacy) 安全漏洞
Wiz Code and Wiz legacy are both a Visual Studio Code extension from Wiz, Inc. A security vulnerability exists in Wiz Code versions 1.0.0 through 1.5.3 and Wiz legacy versions 0.13.0 through 0.17.8, which stems from vulnerability to local command injection attacks...
CLSA-2024-1727287647 emacs: Fix of CVE-2024-48337
CVE-2024-48337: fix etags local command injection vulnerability...
CVE-2024-3995
In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by Bryan Riggins...