12 matches found
CVE-2026-44712
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, a crafted UUID such as $id/tmp/rce in the config causes root RCE when pamusb-conf --reset-pads is run. A USB device with a crafted filesystem UUID (some controllers allow this) can inject the payload a...
CVE-2026-41011
PackagePersister.validatetgz builds "tar -tf tgz 2&1" where tgz = File.joinreleasedir, 'packages', "name.tgz" and name = packagemeta'name' comes directly from release.MF inside the uploaded tarball. The string is passed to Bosh::Common::Exec.sh, which executes via %x — i.e., /bin/sh -c. No...
EUVD-2026-32662
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, a crafted UUID such as $id/tmp/rce in the config causes root RCE when pamusb-conf --reset-pads is run. A USB device with a crafted filesystem UUID (some controllers allow this) can inject the payload a...
EUVD-2026-17903
ByteDance Deer-Flow versions prior to commit 92c7a20 contain a sandbox escape vulnerability in bash tool handling that allows attackers to execute arbitrary commands on the host system by bypassing regex-based validation using shell features such as directory changes and relative paths. Attackers...
SUSE CVE-2020-14342
It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission, such as via sudo rules, could use this flaw to escalate their privileges...
Shescape security vulnerability
Shescape is a simple, open-source shell escaping package for JavaScript. Use it to escape user-controlled input to shell commands to prevent shell injection. A security vulnerability exists in versions of Shescape prior to 1.5.8, which stems from insufficient space-specific escaping on...
It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission, such as via sudo rules, could use this flaw to escalate their privileges.
...
CVE-2020-14342
It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission, such as via sudo rules, could use this flaw to escalate their privileges...
CVE-2020-14342
CVE-2020-14342 affects cifs-utils’ mount.cifs, which can invoke a shell when requesting the Samba password. This enables local attackers with sufficient permissions (for example via sudo rule configurations) to inject commands and escalate privileges. Public advisories confirm a shell-injection f...
patch security update
2.7.6-9 - CVE-2018-20969, invoke ed directly instead of using the shell...
linux/x86 setuid(0) and /bin/sh execve() shellcode 30 bytes
No description provided by source. /* $Id: setuid-linux.c,v 1.4 2004/06/02 12:22:30 raptor Exp $ setuid-linux.c - setuid/execve shellcode for Linux/x86 Copyright (c) 2004 Marco Ivaldi Short fully-functional setuid(0) and /bin/sh execve shellcode. */ /* setuid(0) 8049380: 6a 17 push...
solaris/SPARC execve /bin/sh 52 bytes
No description provided by source. //Solaris/Sparc - LSD char shellcode= "\x20\xbf\xff\xff" /* bn,a shellcode-4 */ "\x20\xbf\xff\xff" /* bn,a shellcode */ "\x7f\xff\xff\xff" /* call shellcode+4 */ "\x90\x03\xe0\x20" /* add %o7,32,%o0 */ "\x92\x02\x20\x10" /* add %o0,16,%o1 */ "\xc0\x22\x20\x08" /* st...