Lucene search
K

25 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2024-3357

Malicious code in bioql PyPI...

9.8CVSS6.3AI score0.02273EPSS
Exploits1References4
F5 Networks
F5 Networks
added 2025/08/11 1:0 a.m.13 views

K000152943: PyYAML vulnerability CVE-2019-20477

Security Advisory Description PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and loadall functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-18342. CVE-2019-20477...

9.8CVSS7.4AI score0.05156EPSS
Exploits1
CVE
CVE
added 2025/08/08 6:14 p.m.14 views

CVE-2012-10048

CVE-2012-10048 affects Zenoss Core 3.x. The vulnerability is in the showDaemonXMLConfig endpoint where the daemon parameter is passed directly to a Popen() call in ZenossInfo.py without proper sanitization, allowing an authenticated user to execute arbitrary commands on the server as the zenoss u...

8.7CVSS7.6AI score0.02665EPSS
Exploits0References6
Snyk
Snyk
added 2020/02/25 9:1 a.m.3 views

Command Injection

Overview codecov is a Python report uploader for Codecov. Affected versions of this package are vulnerable to Command Injection. The vulnerability occurs due to not sanitizing gcov arguments before being being provided to the popen method. PoC by Snyk codecov --gcov-args='& echo test vuln1.txt'...

6.5CVSS6.9AI score0.00991EPSS
Exploits1References2
CNVD
CNVD
added 2017/10/12 12:0 a.m.3 views

Zyxel NBG6716 ozkerz component command injection vulnerability

The Zyxel NBG6716 is a wireless router product from Hopkin ZyXEL Technologies. ozkerz component is one of the components. A security vulnerability exists in the ozkerz component of the Zyxel NBG6716 V1.00AAKG.9C0 version, which originates from the program's direct use of beginIndex and endIndex i...

9.8CVSS9.4AI score0.02223EPSS
Exploits1References1
Rows per page
Query Builder