[SECURITY] Fedora 43 Update: xmlstarlet-1.6.1-30.fc43

XMLStarlet is a set of command line utilities which can be used to transform, query, validate, and edit XML documents and files using simple set of shell commands in similar way it is done for plain text files using UNIX grep, sed, awk, diff, patch, join, etc commands...

CVE-2023-25617

SAP Business Object Adaptive Job Server - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the...

EUVD-2018-11175

Malware in sbrugna...

EUVD-2025-10933

Malicious code in bioql PyPI...

[SECURITY] Fedora 42 Update: rust-nu-command-0.99.1-8.fc42

Nushell's built-in commands...

CVE-2025-5648

A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function rconspalinit in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The complexity...

CVE-2025-3579

Aidex CVE-2025-3579 affects versions prior to 1.7. The issue is a prompt-injection vulnerability in the /api//message endpoint where the content parameter can be manipulated by an authenticated user with access to an open registry, enabling execution of OS commands (Unix), interaction with intern...

GHSA-XXHH-59GH-6FFX SAP Cloud SDK for AI Python has OS Command Injection when Program Objects Execution is Enabled

SAP Business Object Adaptive Job Server - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the...

CVE-2020-7237

Cacti 1.2.8 allows Remote Code Execution by privileged users via shell metacharacters in the Performance Boost Debug Log field of pollerautomation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify the Performance...

[SECURITY] [DLA 1650-1] rssh security update

Package : rssh Version : 2.3.4-4+deb8u1 CVE ID : CVE-2019-1000018 Debian Bug : 919623 The ESnet security team discovered a vulnerability in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve Subversion, rdist and/or rsync operations. Missing validation in the scp...

Android Pentesting Portable Integrated Environment: Appie

Appie is a software package that has been pre-configured to function as an Android Pentesting Environment on any windows based machine without the need of a Virtual MachineVM or dualboot. It is completely portable and can be carried on USB stick or your smartphone. It is one of its kind Android...

MobaXterm - Terminal for Windows with X11 server, tabbed SSH client, network tools and much more...

MobaXterm is your ultimate toolbox for remote computing. In a single Windows application, it provides loads of functions that are tailored for programmers, webmasters, IT administrators and pretty much all users who need to handle their remote jobs in a more simple fashion. MobaXterm provides all...

QNAP Web Server Remote Code Execution via Bash Environment Variable Code Injection Exploit

This Metasploit module allows you to inject unix command with the same user who runs the http service - admin - directly on the QNAP system. Affected products: All Turbo NAS models except TS-100, TS-101, TS-200 Exploit Title: QNAP Web server remote code execution via Bash Environment Variable Cod...

CVE-2015-0778

osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a service file...

Appie - Android Pentesting Portable Integrated Environment

Appie is a software package that has been pre-configured to function as an Android Pentesting Environment.It is completely portable and can be carried on USB stick.This is a one stop answer for all the tools needed in Android Application Security Assessment. Difference between Appie and existing...

Mitel AWC Unauthenticated Command Execution

No description provided by source. http://www.procheckup.com/vulnerabilitymanager/vulnerabilities/pr10-14 PR10-14 Unauthenticated command execution within Mitel's AWC Mitel Audio and Web Conferencing Advisory publicly released: Tuesday, 21 December 2010 Vulnerability found: Wednesday, 21 July 201...

[SECURITY] Fedora 14 Update: strigi-0.7.2-5.fc14.1

Strigi is a fast and light desktop search engine. It can handle a large ran ge of file formats such as emails, office documents, media files, and file archives. It can index files that are embedded in other files. This means e mail attachments and files in zip files are searchable as if they were...

Mitel AWC Unauthenticated Command Execution

Exploit for cgi platform in category web applications PR10-14 Unauthenticated command execution within Mitel's AWC Mitel Audio and Web Conferencing Advisory publicly released: Tuesday, 21 December 2010 Vulnerability found: Wednesday, 21 July 2010 Vendor informed: Monday, 26 July 2010 Severity...

Mitel's AWC Command Execution

http://www.procheckup.com/vulnerabilitymanager/vulnerabilities/pr10-14 PR10-14 Unauthenticated command execution within Mitel's AWC Mitel Audio and Web Conferencing Advisory publicly released: Tuesday, 21 December 2010 Vulnerability found: Wednesday, 21 July 2010 Vendor informed: Monday, 26 July...

Nagios-statd Daemon Detection

Nagios-statd Daemon is running at this port. Nagios-statd nagios-statd Daemon is the daemon program for nagios-stat. These programs together comprise a systems monitoring tool for various platforms. It is designed to be integrated with the Nagios monitoring tool, although this is not a requiremen...