Lucene search
K

315 matches found

Veracode
Veracode
added 2025/12/15 5:25 a.m.7 views

Arbitrary Command Injection

mcp-server-kubernetes is vulnerable to Arbitrary Command Injection. The vulnerability is due to passing user-supplied command strings directly to shell execution sh -c without input validation, which allows an attacker to inject and execute arbitrary commands through crafted inputs or indirect...

8.8CVSS8.1AI score0.01309EPSS
Exploits1References5Affected Software1
Snyk
Snyk
added 2025/12/11 4:48 p.m.4 views

Arbitrary Command Injection

Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the evaluation of credential values in non-POSIX shell environments. An attacker can execute arbitrary commands on the operator's device by crafting malicious credential values in infrastructure Secret...

8CVSS7.9AI score0.00204EPSS
Exploits0References2
Snyk
Snyk
added 2025/12/11 4:48 p.m.2 views

Arbitrary Command Injection

Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the evaluation of credential values in non-POSIX shell environments. An attacker can execute arbitrary commands on the operator's device by crafting malicious credential values in infrastructure Secret...

8CVSS7.9AI score0.00204EPSS
Exploits0References2
Snyk
Snyk
added 2025/12/11 4:48 p.m.2 views

Arbitrary Command Injection

Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the evaluation of credential values in non-POSIX shell environments. An attacker can execute arbitrary commands on the operator's device by crafting malicious credential values in infrastructure Secret...

8CVSS7.9AI score0.00204EPSS
Exploits0References2
Snyk
Snyk
added 2025/12/09 10:47 p.m.2 views

Arbitrary Command Injection

Overview cai-framework is a Cybersecurity AI Framework Affected versions of this package are vulnerable to Arbitrary Command Injection via the runsshcommandwithcredentials function. An attacker can execute arbitrary commands on the host system by supplying crafted values for the username, host, o...

9.8CVSS7.7AI score0.01831EPSS
Exploits1References2
Snyk
Snyk
added 2025/12/03 8:44 p.m.6 views

Arbitrary Command Injection

Overview mcp-server-kubernetes is a MCP server for interacting with Kubernetes clusters via kubectl Affected versions of this package are vulnerable to Arbitrary Command Injection via the execinpod tool. An attacker can execute arbitrary commands within Kubernetes pods by supplying crafted input...

8.8CVSS7.7AI score0.01309EPSS
Exploits1References2
Snyk
Snyk
added 2025/12/02 9:51 p.m.4 views

Arbitrary Command Injection

Overview feehi/cms is a Feehi CMS project template. Affected versions of this package are vulnerable to Arbitrary Command Injection via the Ad management feature. An attacker can execute arbitrary code on the server by uploading a crafted PHP file, which is then executed due to insufficient...

7.7CVSS8AI score0.00346EPSS
Exploits1References2
Snyk
Snyk
added 2025/11/26 10:9 p.m.4 views

Arbitrary Command Injection

Overview willitmerge is an A command line tool to check if pull requests are mergeable. Affected versions of this package are vulnerable to Arbitrary Command Injection due to the use of insecure child process execution API exec. An attacker can execute arbitrary system commands by supplying craft...

9.8CVSS8AI score0.02413EPSS
Exploits1References2
Snyk
Snyk
added 2025/11/13 1:44 p.m.3 views

Arbitrary Command Injection

Overview pgadmin4 is a PostgreSQL Tools Affected versions of this package are vulnerable to Arbitrary Command Injection via the backup and restore processes when handling file path input with shell execution enabled. An attacker can execute arbitrary system commands by supplying specially crafted...

9.8CVSS7.8AI score0.00754EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/13 12:0 a.m.9 views

PT-2025-46853

Name of the Vulnerable Software and Affected Versions Cisco Catalyst Center affected versions not specified Description A flaw exists in the REST API of Cisco Catalyst Center that could allow a remote attacker with valid credentials at least Observer role to execute arbitrary commands within a...

6.3CVSS7AI score0.00324EPSS
Exploits0References4
Snyk
Snyk
added 2025/10/14 9:30 p.m.4 views

Arbitrary Command Injection

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Arbitrary Command Injection via the nodevm execution environment when integrated modules such as Puppeteer or Playwright are used with attacker-controlled browser binary paths and parameters. An authenticat...

9.9CVSS7.9AI score0.50789EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2014-4897

Malware in sbrugna...

9.8CVSS9.2AI score0.04571EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-0518

Malware in sbrugna...

8.8CVSS8.6AI score0.02814EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-8489

Malware in sbrugna...

10CVSS9.2AI score0.06138EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-6573

Malware in sbrugna...

7.8CVSS6.7AI score0.00419EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-9468

Malware in sbrugna...

10CVSS9.2AI score0.01499EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-1767

Malware in sbrugna...

7.5CVSS9.2AI score0.02193EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-1258

Malicious code in bioql PyPI...

7.2CVSS6.3AI score0.00782EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-3166

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.0242EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-6555

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.02991EPSS
Exploits1References5
Rows per page
Query Builder