Lucene search

1820 matches found

Vulnrichment
added 2022/08/01 7:15 p.m. · 2 views

CVE-2022-31180 Insufficient escaping of whitespace in shescape

Shescape is a simple shell escape package for JavaScript. Affected versions were found to have insufficient escaping of white space when interpolating output. This issue only impacts users that use the escape or escapeAll functions with the interpolation option set to true. The result is that if ...

CVSS 9.8 · AI score 9.9 · EPSS 0.0151
Exploits 1 · References 5

Fedora
added 2022/07/30 2:00 a.m. · 13 views

[SECURITY] Fedora 36 Update: golang-github-sqshq-sampler-1.1.0-10.fc36

Tool for shell commands execution, visualization and alerting. Configured with a simple YAML file...

AI score 7.6
Exploits 0

Tenable Nessus
added 2022/07/29 12:00 a.m. · 33 views

EulerOS 2.0 SP10 : python3 (EulerOS-SA-2022-2169)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Python aka CPython through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file. Th...

CVSS 8 · AI score 7.5 · EPSS 0.06705
Exploits 1 · References 2

Tenable Nessus
added 2022/07/29 12:00 a.m. · 56 views

EulerOS 2.0 SP10 : python3 (EulerOS-SA-2022-2144)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Python aka CPython through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file. Th...

CVSS 8 · AI score 7.5 · EPSS 0.06705
Exploits 1 · References 2

Packet Storm
added 2022/07/21 12:00 a.m. · 331 views

Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) Remote Root

SpaceLogic.ps1 Schneider Electric SpaceLogic C-Bus Home Controller 5200WHC2 Remote Root Exploit Vendor: Schneider Electric SE Product web page: https://www.se.com https://www.se.com/ww/en/product/5200WHC2/home-controller-spacelogic-cbus-cbus-ip-free-standing-24v-dc/...

AI score 0.2 · EPSS 0.71084
Exploits 6

OpenVAS
added 2022/07/21 12:00 a.m. · 14 views

Fedora: Security Advisory for golang-github-sqshq-sampler (FEDORA-2022-3e1ade35db)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.3 · AI score 8.9 · EPSS 0.05292
Exploits 4 · References 2

CloudLinux
added 2022/07/20 7:58 p.m. · 46 views

Fixed CVE-2015-20170 in python

CVE-2015-20170: mailcap: findmatch function does not sanitise the second argument allowing to inject shell commands...

AI score 2.5
Exploits 0 · References 1

CNVD
added 2022/07/18 12:00 a.m. · 15 views

Apache Spark Command Injection Vulnerability

Apache Spark is a large-scale data processing engine that supports acyclic data streaming and in-memory computing from the Apache Foundation. Apache Spark suffers from a command injection vulnerability that can be exploited by an attacker to cause arbitrary shell commands to be executed as the us...

CVSS 8.8 · AI score 7.5 · EPSS 0.92984
Exploits 12 · References 1

CNNVD
added 2022/07/18 12:00 a.m. · 2 views

Apache Spark OS Command Injection Vulnerability

Apache Spark is a large-scale data processing engine that supports acyclic data streaming and in-memory computing from the Apache Foundation. Apache Spark suffers from a command injection vulnerability that can be exploited by an attacker to cause arbitrary shell commands to be executed as the us...

CVSS 8.8 · AI score 6 · EPSS 0.92984
Exploits 12 · References 6

Veracode
added 2022/07/15 4:59 p.m. · 34 views

Command Injection

Python is vulnerable to command injection. The vulnerability exists because the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input...

CVSS 7.6 · AI score 8.2 · EPSS 0.06705
Exploits 1 · References 52 · Affected Software 8

Positive Technologies
added 2022/07/15 12:00 a.m. · 5 views

PT-2022-20592 · Microsoft +1 · Powershell +2

Name of the Vulnerable Software and Affected Versions: Shescape versions prior to 1.5.8 Description: The issue impacts users of the escape or escapeAll functions with the interpolation option set to true. If an attacker can include whitespace in their input, they can invoke shell-specific behavio...

CVSS 9.8 · AI score 9.5 · EPSS 0.0151
Exploits 1 · References 10

Tenable Nessus
added 2022/07/15 12:00 a.m. · 68 views

EulerOS Virtualization 2.10.1 : python3 (EulerOS-SA-2022-2119)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Python aka CPython through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system...

CVSS 8 · AI score 7.5 · EPSS 0.06705
Exploits 1 · References 2

Tenable Nessus
added 2022/07/14 12:00 a.m. · 37 views

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : Python vulnerability (USN-5519-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5519-1 advisory. It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitra...

CVSS 8 · AI score 8 · EPSS 0.06705
Exploits 1 · References 2

Fedora
added 2022/07/13 2:00 a.m. · 27 views

[SECURITY] Fedora 36 Update: golang-github-sqshq-sampler-1.1.0-9.fc36

Tool for shell commands execution, visualization and alerting. Configured with a simple YAML file...

CVSS 9.3 · AI score 9.1 · EPSS 0.05292
Exploits 4

Tenable Nessus
added 2022/07/12 12:00 a.m. · 45 views

SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2022:2357-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2357-1 advisory. - In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the...

CVSS 8 · AI score 7.5 · EPSS 0.06705
Exploits 1 · References 4

OpenVAS
added 2022/07/08 12:00 a.m. · 8 views

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2022-1978)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8 · AI score 8.1 · EPSS 0.06705
Exploits 1 · References 2

Tenable Nessus
added 2022/07/08 12:00 a.m. · 41 views

EulerOS 2.0 SP9 : python3 (EulerOS-SA-2022-2008)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Python aka CPython through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file. Th...

CVSS 8 · AI score 7.5 · EPSS 0.06705
Exploits 1 · References 2

ATTACKERKB
added 2022/06/23 5:15 p.m. · 3 views

CVE-2022-32534

The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands...

CVSS 10 · AI score 7.4 · EPSS 0.02159
Exploits 0 · References 2

NVD
added 2022/06/23 5:15 p.m. · 14 views

CVE-2022-32534

The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands...

CVSS 10 · EPSS 0.02159
Exploits 0 · References 1

Prion
added 2022/06/23 5:15 p.m. · 11 views

Command injection

The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands...

CVSS 10 · AI score 9.7 · EPSS 0.02159
Exploits 0 · References 1 · Affected Software 1