Arbitrary Command Injection

Overview network is a the missing network utilities in Node.js. Affected versions of this package are vulnerable to Arbitrary Command Injection due to use of the childprocess exec function without input sanitization. If attacker-controlled user input is given to the macaddressfor function of the...

PT-2024-1512 · Node.Js · Node.Js

Name of the Vulnerable Software and Affected Versions: network versions prior to 0.7.0 Description: The issue exists due to insufficient input validation in the child process exec function of the Node.js Network utility. This allows a remote attacker to execute arbitrary commands on the operating...

Linux Kernel BPF spl2sw_driver.c spl2sw_nvmem_get_mac_address use after free

...

PT-2022-7349 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A critical vulnerability has been found in the Linux Kernel, affecting the spl2sw nvmem get mac address function in the drivers/net/ethernet/sunplus/spl2sw driver.c file of the BPF...