11 matches found
EUVD-2025-13624
Malicious code in bioql PyPI...
CVE-2025-46735
Terraform WinDNS Provider allows users to manage their Windows DNS server resources through Terraform. A security issue has been found in Terraform WinDNS Provider before version 1.0.5. The windnsrecord resource did not sanitize the input variables. This could lead to authenticated command...
CVE-2025-46735
Terraform WinDNS Provider allows users to manage their Windows DNS server resources through Terraform. A security issue has been found in Terraform WinDNS Provider before version 1.0.5. The windnsrecord resource did not sanitize the input variables. This could lead to authenticated command...
CVE-2025-46735
CVE-2025-46735 concerns the Terraform WinDNS Provider, where the windns_record resource did not sanitize input variables, enabling authenticated command injection in the underlying PowerShell prompt. Affected software is the Terraform WinDNS Provider (prior to version 1.0.5). The issue’s impact i...
CVE-2025-46735 Terraform WinDNS Provider improperly sanitizes input variables in `windns_record`
Terraform WinDNS Provider allows users to manage their Windows DNS server resources through Terraform. A security issue has been found in Terraform WinDNS Provider before version 1.0.5. The windnsrecord resource did not sanitize the input variables. This could lead to authenticated command...
CVE-2025-46735 Terraform WinDNS Provider improperly sanitizes input variables in `windns_record`
Terraform WinDNS Provider allows users to manage their Windows DNS server resources through Terraform. A security issue has been found in Terraform WinDNS Provider before version 1.0.5. The windnsrecord resource did not sanitize the input variables. This could lead to authenticated command...
CVE-2025-46735 Terraform WinDNS Provider improperly sanitizes input variables in `windns_record`
Terraform WinDNS Provider allows users to manage their Windows DNS server resources through Terraform. A security issue has been found in Terraform WinDNS Provider before version 1.0.5. The windnsrecord resource did not sanitize the input variables. This could lead to authenticated command...
Terraform WinDNS Provider improperly sanitizes input variables in `windns_record`
Impact: A security issue has been found in terraform-provider-windns before version 1.0.5. The windnsrecord resource did not santize the input variables. This can lead to authenticated command injection in the underlyding powershell command prompt. Patches: 83ef736 fix: better input validation...
GHSA-4VGF-2CM4-MP7C Terraform WinDNS Provider improperly sanitizes input variables in `windns_record`
Impact: A security issue has been found in terraform-provider-windns before version 1.0.5. The windnsrecord resource did not santize the input variables. This can lead to authenticated command injection in the underlyding powershell command prompt. Patches: 83ef736 fix: better input validation...
Terraform WinDNS Provider 命令注入漏洞
Terraform WinDNS Provider is a Norsk rikskringkasting open source tool for managing DNS records in Windows DNS servers using Terraform. A command injection vulnerability exists in Terraform WinDNS Provider versions prior to 1.0.5, which stems from failure to clean up input variables and could lea...
PT-2025-19981 · Hashicorp · Terraform Windns Provider
Name of the Vulnerable Software and Affected Versions: Terraform WinDNS Provider versions prior to 1.0.5 Description: A security issue has been found in the Terraform WinDNS Provider, where the windns record resource did not sanitize the input variables, leading to authenticated command injection...