14 matches found
Python Install Manager security vulnerability
Python Install Manager is an open-source installation management tool for Python. Python Install Manager has a security vulnerability that stems from including the current working directory in the sys.path, which may allow malicious modules to be imported from a directory controlled by the attack...
EUVD-2006-2197
Malware in sbrugna...
EUVD-2018-11766
Malware in sbrugna...
EUVD-2023-2462
Malicious code in bioql PyPI...
Powerline Gitstatus vulnerable to arbitrary code execution
powerline-gitstatus (aka Powerline Gitstatus) before 1.3.2 allows arbitrary code execution. Git repositories can contain per-repository configuration that changes the behavior of git, including running arbitrary commands. When using powerline-gitstatus, changing to a directory automatically runs gi...
Powerline Gitstatus command injection vulnerability
Powerline Gitstatus is a library for displaying the status of Git working copies by the individual developer Jasper N. Brouwer. A security vulnerability in Powerline Gitstatus versions prior to 1.3.2 allows arbitrary code execution. If an attack...
procps: Local privilege escalation in top
If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory without any security check. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of...
Arbitrary Code Execution
ibutils is vulnerable to arbitrary code execution. The vulnerability exists as it was found that the ibmssh executable had an insecure relative RPATH runtime library search path set in the ELF Executable and Linking Format header. A local user able to convince another user to run ibmssh in an...
Arbitrary Code Execution
openoffice.org is vulnerable to arbitrary code execution. The vulnerability exists as a flaw was found in the script that launches OpenOffice.org. In some situations, a "." character could be included in the LD_LIBRARY_PATH variable, allowing a local attacker to execute arbitrary code with the...
Privilege Escalation
procps-ng is vulnerable to privilege escalation. When the top utility is run with HOME unset in an attacker-controlled directory, the attacker can exploit one of several vulnerabilities in the configfile to escalate privileges...
CVE-2018-1435
IBM Notes 8.5 and 9.0 is vulnerable to a DLL hijacking attack. A remote attacker could trick a user to double click a malicious executable in an attacker-controlled directory, which could result in code execution. IBM X-Force ID: 139563...
ELinks Relative 0.10.6 /011.1 Path Arbitrary Code Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23844/info ELinks is prone to an arbitrary code-execution vulnerability. An attacker can exploit this issue to potentially execute arbitrary code with the privileges of the user running the affected application. This issu...
CVE-2006-2196
Unspecified vulnerability in pinball 0.3.1 allows local users to gain privileges via unknown attack vectors that cause pinball to load plugins from an attacker-controlled directory while operating at raised privileges...
CVE-2006-2196
Unspecified vulnerability in pinball 0.3.1 allows local users to gain privileges via unknown attack vectors that cause pinball to load plugins from an attacker-controlled directory while operating at raised privileges...