The vulnerability of the SSH protocol implementation in the Dell Isilon InsightIQ performance monitoring and reporting analytics platform allows a hacker to bypass security restrictions and gain full control over the application.

The vulnerability of the SSH protocol implementation of the analysis platform for monitoring performance and generating reports in Dell Isilon InsightIQ is related to the use of cryptographic algorithms that contain vulnerabilities and risks. Exploiting this vulnerability could allow a malicious...

gnome-shell 安全漏洞

gnome-shell is a shell that provides core user interface functionality such as switching windows, launching applications or viewing notifications for the GNOME desktop. A security vulnerability exists in gnome-shell, where an attacker with low privileged privileges may be able to exploit the...

The vulnerability of the SSH protocol implementation in the cryptographic security tool PuTTY allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SSH protocol implementation in the cryptography security tool PuTTY is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

PuTTY 数据伪造问题漏洞

PuTTY is a free set of Telnet, Rlogin and SSH client software from Simon Tatham's personal developer. The software is primarily used for remote administration of Linux systems. PuTTY is vulnerable to a data forgery issue that could be exploited by an attacker to cause a controlled SSH server to...

The vulnerability of SSH clients on operating systems such as iOS, iPadOS, macOS, tvOS, and watchOS allows attackers to compromise the integrity of protected information.

The vulnerability of SSH clients for operating systems such as iOS, iPadOS, macOS, tvOS, and watchOS is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to compromise the integrity of protected information from a remote perspective...

CVE-2021-1306

A vulnerability in the restricted shell of Cisco Evolved Programmable Network EPN Manager, Cisco Identity Services Engine ISE, and Cisco Prime Infrastructure could allow an authenticated, local attacker to identify directories and write arbitrary files to the file system. This vulnerability is du...

CVE-2020-10857

Zulip Desktop before 5.0.0 improperly uses shell.openExternal and shell.openItem with untrusted content, leading to remote code execution...

Command Injection

async-git is vulnerable to command injection. An attacker is able to inject malicious OS command to the system shell via the getter function in the index.js file...

SSH Code Issues Vulnerabilities

SSH is an application protocol of SSH. It provides encrypted transmission of network traffic. A code issue vulnerability exists in version v0.0.0-20201203163018-be400aefbc4c and prior versions of golang.org/x/crypto/ssh component, which allows remote attackers to cause a denial of service to an s...

The vulnerability of the Shell infrastructure component in Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Shell infrastructure component in Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...

The vulnerability of the Windows shell component of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Windows shell component of the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...

Potential Command Injection in libnotify

Versions 1.0.3 and earlier of libnotify are affected by a shell command injection vulnerability. This may result in execution of arbitrary shell commands, if user input is passed into libnotify.notify. Untrusted input passed in the call to libnotify.notify could result in execution of shell...

PT-2020-3981 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to an elevation of privilege vulnerability in the Shell infrastructure component, which improperly handles objects in memory. This could allow an attacker to run...

Exploit for Code Injection in Microsoft

This repository contains a proof-of-concept PoC exploit for CVE-2017-8759, a vulnerability in the Windows Shell that allows for arbitrary code execution. The exploit is designed to weaponize the vulnerability, allowing an attacker to execute malicious code on a vulnerable system. The PoC is...

Command Execution Vulnerability in SSH of UPS Management Module at VitiTech Ltd.

VitiTech is an uninterruptible power supply, automation control equipment and industrial battery company. A command execution vulnerability exists in SSH, the UPS management module of Verti Technologies Ltd. The vulnerability can be exploited to remotely execute system shell commands bypassing...

The vulnerability of a node’s shell for the `curl` command, related to the failure to eliminate special elements used in operating system commands, allows a perpetrator to execute arbitrary commands.

The vulnerability of a node’s command-line interface for the curl command relates to the failure to address the special elements used in operating system commands. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary commands...

CVE-2020-11965

In IQrouter through 3.3.1, there is a root user without a password, which allows attackers to gain full remote access via SSH. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration which has a required step fo...

UBUNTU-CVE-2019-14868

In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those...

MikroTik routers resource management error vulnerability

MikroTik routers is a router product from the Latvian company MikroTik. A security vulnerability exists in the SSH daemon in MikroTik routers v6.44.3 and earlier versions. A remote attacker could exploit the vulnerability to cause new authorized connections to fail...

CVE-2014-2906

The psub function in fish aka fish-shell 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name...