GitHub expands application security coverage with AI‑powered detections

AI is accelerating software development and expanding the range of languages and frameworks used in modern repositories. Security teams are increasingly responsible for protecting code written across many ecosystems, not just the core enterprise languages traditionally covered by static analysis...

PT-2022-16832 · Shescape · Shescape

Name of the Vulnerable Software and Affected Versions: shescape versions 1.4.0 through 1.5.1 Description: The issue allows for exposure of the home directory on Unix systems when using Bash with the escape or escapeAll functions from the shescape API with the interpolation option set to true. Oth...

cdrecord $RSH exec() SUID Shell Creation

Exploit for linux platform in category local exploits ======================================== cdrecord $RSH exec SUID Shell Creation ======================================== !/bin/bash cdrecord-suidshell.sh - Iruid CAU 09.2004 Exploits cdrecord's exec of $RSH before dropping privs cat...