Lucene search
K

14 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/23 8:18 p.m.7 views

Malicious code in triage-bot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ef2bb10931626a345e1277463f9c2ec6ca36108c2d6131c9210707ea5692a64 package.json declares preinstall: node index.js, so the payload runs automatically on npm install with no user action. index.js requires os, fs, and...

5.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.12 views

PT-2026-41550

Simple Fields 0.2 through 0.3.5 WordPress Plugin contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting null bytes into the wp abspath parameter on PHP versions before 5.3.4. Attackers can supply malicious wp abspath values to simp...

6.9CVSS6.5AI score0.00533EPSS
Exploits0References5
OSV
OSV
added 2026/02/11 9:16 p.m.5 views

CVE-2020-37214

Voyager 1.3.0 contains a directory traversal vulnerability that allows attackers to access sensitive system files by manipulating the asset path parameter. Attackers can exploit the path parameter in /admin/voyager-assets to read arbitrary files like /etc/passwd and .env configuration files...

8.7CVSS5.7AI score
Exploits0References5
EUVD
EUVD
added 2025/12/12 12:30 a.m.5 views

EUVD-2024-55345

APC Network Management Card 4 contains a path traversal vulnerability that allows unauthenticated attackers to access sensitive system files by manipulating URL parameters. Attackers can exploit directory traversal techniques to read critical system files like /etc/passwd by using encoded path...

8.7CVSS6.4AI score0.00812EPSS
Exploits0References4
NVD
NVD
added 2025/09/12 2:15 p.m.6 views

CVE-2025-9556

Langchaingo supports the use of jinja2 syntax when parsing prompts, which is in turn parsed using the gonja library v1.5.3. Gonja supports include and extends syntax to read files, which leads to a server side template injection vulnerability within langchaingo, allowing an attacker to insert a...

9.8CVSS0.00666EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/09/12 1:45 p.m.2 views

CVE-2025-9556 CVE-2025-9556

Langchaingo supports the use of jinja2 syntax when parsing prompts, which is in turn parsed using the gonja library v1.5.3. Gonja supports include and extends syntax to read files, which leads to a server side template injection vulnerability within langchaingo, allowing an attacker to insert a...

6.8AI score0.00666EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/20 3:31 p.m.13 views

CVE-2009-10005 ContentKeeper Web Appliance < 125.10 Arbitrary File Access via mimencode

ContentKeeper Web Appliance now maintained by Impero Software versions prior to 125.10 expose the mimencode binary via a CGI endpoint, allowing unauthenticated attackers to retrieve arbitrary files from the filesystem. By crafting a POST request to /cgi-bin/ck/mimencode with traversal and output...

8.7CVSS0.00722EPSS
Exploits0References5
CVE
CVE
added 2025/08/20 12:19 p.m.25 views

CVE-2025-4437

CVE-2025-4437 affects CRI-O (container runtime); Fedora advisories indicate cri-o1.33 up to version 1.33.5 fixes. The vulnerability arises when container runs with securityContext.runAsUser set to a non-existent user, causing CRI-O to read /etc/passwd into memory and potentially trigger memory ex...

5.7CVSS6.9AI score0.00224EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:55 a.m.8 views

CVE-2024-28753

RaspAP aka raspap-webgui through 3.0.9 allows remote attackers to read the /etc/passwd file via a crafted request...

6.5CVSS6.8AI score0.00689EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/03/08 12:0 a.m.6 views

PT-2024-22561 · Raspap · Raspap

Name of the Vulnerable Software and Affected Versions: RaspAP aka raspap-webgui versions 3.0.9 and earlier Description: The issue allows remote attackers to read the /etc/passwd file via a crafted request. Recommendations: For RaspAP aka raspap-webgui versions 3.0.9 and earlier, update to a versi...

6.5CVSS6.4AI score0.00689EPSS
Exploits1References7
0day.today
0day.today
added 2019/07/02 12:0 a.m.276 views

Linux/ARM64 - Read /etc/passwd Shellcode (120 Bytes)

/ Title: Linux/ARM64 - Read /etc/passwd Shellcode 120 Bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu Xenial Xerus development...

7.1AI score
Exploits0
OSV
OSV
added 2018/11/17 2:29 p.m.7 views

CVE-2018-19326

Zyxel VMG1312-B10D devices before 5.13AAXA.8C0 allow ../ Directory Traversal, as demonstrated by reading /etc/passwd...

7.5CVSS5.8AI score0.09759EPSS
Exploits1References1
0day.today
0day.today
added 2018/01/15 12:0 a.m.22 views

Linux/x86-64 - Read /etc/passwd + Write To /tmp/outfile Shellcode (105 bytes)

; =================================================================== ; Optimized version of shellcode at: ; http://shell-storm.org/shellcode/files/shellcode-867.php ; Author: SLAE64-1351 Keyman ; Date: 14/09/2014 ; ; Length: 105 bytes got shorter by 13 bytes ; ; What's new is that some...

7.4AI score
Exploits0
0day.today
0day.today
added 2016/04/15 12:0 a.m.77 views

Linux/x86-64 - Read /etc/passwd Shellcode (65 bytes)

/ --------------------------------------------------------------------------------------------------- Linux/x8664 - Read /etc/passwd - 65 bytes Ajith Kp @ajithkp560 http://www.terminalcoders.blogspot.com Om Asato Maa Sad-Gamaya | Tamaso Maa Jyotir-Gamaya | Mrtyor-Maa Amrtam Gamaya | Om Shaantih...

0.2AI score
Exploits0
Rows per page
Query Builder