Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:0 a.m.6 views

CVE-2020-7604

pulverizr through 0.7.0 allows execution of arbitrary commands. Within "lib/job.js", the variable "filename" can be controlled by the attacker. This function uses the variable "filename" to construct the argument of the exec call without any sanitization. In order to successfully exploit this...

9.8CVSS6.9AI score0.02512EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-1061

Malware in sbrugna...

9.8CVSS9.3AI score0.02512EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2020/03/26 12:0 a.m.2 views

The vulnerability of the Pulverizr package in the NPM package manager allows a hacker to execute arbitrary commands.

The vulnerability of the Pulverizr package exists because measures to neutralize special elements have not been taken. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on the target system by creating a file with malicious content and the name lib/job.js...

10CVSS8.2AI score0.02512EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2020/03/13 10:30 a.m.6 views

brew-js (>=0.1.0 <=0.1.8), buildr (>=0.2.0 <=0.8.7) +9 more potentially affected by CVE-2020-7604 via pulverizr (=0.7.0)

pulverizr NPM version =0.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on pulverizr and may be impacted: - brew-js =0.1.0, =0.2.0, =0.1.0, =0.0.1, =0.0.2, =1.0.0, =0.1.0, =0.0.11, =0.0.12 Source cves: CVE-2020-7604 Source advisory:...

9.8CVSS7.2AI score0.02512EPSS
Exploits1
Rows per page
Query Builder