1260 matches found
CVE-2025-30673
Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code...
CVE-2024-38392
Pexip Infinity Connect before 1.13.0 has an integrity/authenticity flaw: during resource loading it does not perform sufficient authenticity checks, allowing a remote attacker to cause the application to execute untrusted code. The CVE-2024-38392 entry notes a high-severity, network-exploitable i...
CVE-2024-38392
Pexip Infinity Connect before 1.13.0 lacks sufficient authenticity checks during the loading of resources, and thus remote attackers can cause the application to run untrusted code...
CVE-2025-3051
Linux::Statm::Tiny for Perl before 0.0701 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary cod...
CVE-2025-30673
Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code...
UBUNTU-CVE-2025-30673
Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code...
CVE-2025-3051 Linux::Statm::Tiny for Perl allows untrusted code to be included from the current working directory
Linux::Statm::Tiny for Perl before 0.0701 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary cod...
CVE-2025-3051
CVE-2025-3051 / related Perl module issues involve an untrusted code inclusion vulnerability via the current working directory ('.') when loading code generated by Mite. Affected components include Linux::Statm::Tiny (pre-0.0701), Sub::HandlesVia (pre-0.050002), and Mite-generated code (before 0....
CVE-2025-30673 Sub::HandlesVia for Perl allows untrusted code to be included from the current working directory
Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code...
CVE-2025-30673
CVE-2025-30673 concerns Sub::HandlesVia for Perl prior to 0.050002, where an attacker can place a malicious file in the current working directory and have it loaded instead of the intended file. The underlying issue is caused by Mite-generated code including the current working directory in @INC ...
CVE-2025-30673
Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code...
MetaCPAN Linux::Statm::Tiny code issue vulnerability
MetaCPAN Linux::Statm::Tiny is a library from the MetaCPAN Foundation. A code issue vulnerability exists in MetaCPAN Linux::Statm::Tiny versions prior to 0.0701, which stems from untrusted code that may be loaded in the current working directory and could lead to the execution of arbitrary code...
MetaCPAN Sub::HandlesVia code issue vulnerability
MetaCPAN Sub::HandlesVia is a library of the MetaCPAN Foundation. A code issue vulnerability exists in versions prior to MetaCPAN Sub::HandlesVia 0.050002 that stems from allowing untrusted code to be loaded from the current working directory, which could lead to the execution of arbitrary code...
PT-2025-14020 · Tobyink +2 · Sub::Handlesvia +1
CVE-2025-30673 - Perl Sub::HandlesVia Remote Code Execution Vulnerability CVE ID : CVE-2025-30673 Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago Description : Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory '.' to be loaded similar ...
UBUNTU-CVE-2025-27793
Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In Vega prior to version 5.32.0, corresponding to vega-functions prior to version 5.17.0, users running Vega/Vega-lite JSON definitions could run unexpected JavaScript code...
Medium: java-23-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12...
CVE-2024-10950
In binary-husky/gptacademic version = 3.83, the plugin CodeInterpreter is vulnerable to code injection caused by prompt injection. The root cause is the execution of user-provided prompts that generate untrusted code without a sandbox, allowing the execution of parts of the LLM-generated code. Th...
CVE-2024-10954
In the manim plugin of binary-husky/gptacademic, versions prior to the fix, a vulnerability exists due to improper handling of user-provided prompts. The root cause is the execution of untrusted code generated by the LLM without a proper sandbox. This allows an attacker to perform remote code...