787 matches found
PT-2026-57886
Name of the Vulnerable Software and Affected Versions luci-app-banip versions 0 through 0.11.1 Description A log parsing flaw exists where the awk-based parser extracts the first IPv4 address from log lines regardless of its field position. This allows an unauthenticated remote attacker to inject...
CVE-2026-8592
OS Command Injection vulnerability in the processstring action of Rapid7 InsightConnect AWK Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to unsafe shell command construction in the processing pipeline...
CVE-2026-8592
The vulnerability CVE-2026-8592 affects the Rapid7 InsightConnect AWK Plugin (Linux) where the process_string action constructs shell commands unsafely in the processing pipeline, enabling OS command execution via text or expression parameters. This is a remote issue with potential impact on conf...
CVE-2026-8592 OS Command Injection in Rapid7 InsightConnect AWK Plugin
OS Command Injection vulnerability in the processstring action of Rapid7 InsightConnect AWK Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to unsafe shell command construction in the processing pipeline...
CVE-2026-8592
OS Command Injection vulnerability in the processstring action of Rapid7 InsightConnect AWK Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to unsafe shell command construction in the processing pipeline...
CVE-2026-10796
nvm Node Version Manager through 0.40.4 executes arbitrary commands from version strings supplied by the configured Node.js/io.js mirror. Commands such as nvm install read the available versions from the mirror's index.tab and use the selected version, without sanitization, to build download URLs...
EUVD-2026-34303
nvm Node Version Manager through 0.40.4 executes arbitrary commands from version strings supplied by the configured Node.js/io.js mirror. Commands such as nvm install read the available versions from the mirror's index.tab and use the selected version, without sanitization, to build download URLs...
CVE-2026-10796
nvm Node Version Manager through 0.40.4 executes arbitrary commands from version strings supplied by the configured Node.js/io.js mirror. Commands such as nvm install read the available versions from the mirror's index.tab and use the selected version, without sanitization, to build download URLs...
CVE-2026-10796
Vulnerability summary (CVE-2026-10796) : nvm (Node Version Manager)
Astra Linux – Vulnerability in busybox
A use-after-free in Busybox’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handlespecial function...
Astra Linux – Vulnerability in busybox
A use-after-free in Busybox’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function...
Astra Linux – Vulnerability in busybox
A use-after-free in Busybox’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hashinit function...
Astra Linux – Vulnerability in busybox
A use-after-free condition in Busybox’s awk applet leads to denial of service and potentially code execution when processing a crafted awk pattern in the getvari function...
Astra Linux – Vulnerability in busybox
A use-after-free condition in Busybox’s awk applet leads to denial of service and potentially code execution when processing a crafted awk pattern in the nextinputfile function...
Astra Linux – Vulnerability in busybox
A use-after-free condition in Busybox’s awk applet leads to denial of service and potentially code execution when processing a crafted awk pattern in the getvars function...
Astra Linux – Vulnerability in busybox
A use-after-free in Busybox’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function...
Astra Linux – Vulnerability in busybox
A use-after-free in Busybox’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function...
Astra Linux – Vulnerability in busybox
A use-after-free in Busybox 1.35-x’s awk applet leads to denial of service and potentially code execution when processing a crafted awk pattern in the copyvar function...
Exploit for CVE-2025-9074
🐚 docker-shell A lightweight, dependency-free bash script tha...
SUSE SLES12 Security Update : busybox (SUSE-SU-2026:0892-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0892-1 advisory. - CVE-2023-42363: use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580. - CVE-2023-42364: use-after-free in the awk....