Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:18 p.m.6 views

CVE-2021-21386

APKLeaks is an open-source project for scanning APK file for URIs, endpoints & secrets. APKLeaks prior to v2.0.3 allows remote attackers to execute arbitrary OS commands via package name inside application manifest. An attacker could include arguments that allow unintended commands or code to be...

10CVSS7.8AI score0.02307EPSS
Exploits0References1
OSV
OSV
added 2022/01/21 11:3 p.m.17 views

GHSA-8434-V7XW-8M9X Improper Neutralization of Argument Delimiters in a Decompiling Package Process in APKLeaks

APKLeaks prior to v2.0.4 allows remote authenticated attackers to execute arbitrary OS commands via package name inside the application manifest. Impact An authenticated attacker could include arguments that allow unintended commands or code to be executed, allow sensitive data to be read or...

9.3CVSS9.5AI score0.02307EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/01/21 11:3 p.m.40 views

Improper Neutralization of Argument Delimiters in a Decompiling Package Process in APKLeaks

APKLeaks prior to v2.0.4 allows remote authenticated attackers to execute arbitrary OS commands via package name inside the application manifest. Impact An authenticated attacker could include arguments that allow unintended commands or code to be executed, allow sensitive data to be read or...

10CVSS7.2AI score0.02307EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2021/03/24 8:55 p.m.17 views

CVE-2021-21386 Improper Neutralization of Argument Delimiters in a Decompiling Package Process

APKLeaks is an open-source project for scanning APK file for URIs, endpoints & secrets. APKLeaks prior to v2.0.3 allows remote attackers to execute arbitrary OS commands via package name inside application manifest. An attacker could include arguments that allow unintended commands or code to be...

9.3CVSS9.9AI score0.02307EPSS
Exploits0References2
0day.today
0day.today
added 2021/03/09 12:0 a.m.80 views

Mozilla Arbitrary Code Execution / Privilege Escalation Vulnerability

Hi @ll, back in 2015 and 2016, I disclosed several BLOODY beginner's errors alias epic failures in Mozilla's PERMANENTLY vulnerable executable installers for Windows, built by completely incompetent tinkerers: Defense in depth -- the Mozilla way: return and exit codes are dispensable alias and...

6.9CVSS9.5AI score0.00408EPSS
Exploits3
Packet Storm
Packet Storm
added 2017/01/04 12:0 a.m.62 views

SoftMaker Office 201x Privilege Escalation

Hi @ll, the service pack installers for SoftMaker Office 201x, available from , are surprise.- vulnerable. The executable installer OUCH ofw16763.exe, a 7z SFX OUCH, creates an UNPROTECTED directory "%TEMP%\7zSxxxxxxxx" to extract its payload, then executes "%TEMP%\7zSxxxxxxxx\spsetup.exe"...

0.9AI score
Exploits0
Rows per page
Query Builder