Lucene search
K

787 matches found

Positive Technologies
Positive Technologies
added 2 days ago4 views

PT-2026-57886

Name of the Vulnerable Software and Affected Versions luci-app-banip versions 0 through 0.11.1 Description A log parsing flaw exists where the awk-based parser extracts the first IPv4 address from log lines regardless of its field position. This allows an unauthenticated remote attacker to inject...

8.7CVSS6.2AI score0.00445EPSS
Exploits0References5
NVD
NVD
added 2026/06/25 2:16 a.m.11 views

CVE-2026-8592

OS Command Injection vulnerability in the processstring action of Rapid7 InsightConnect AWK Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to unsafe shell command construction in the processing pipeline...

9.8CVSS0.00675EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 1:32 a.m.12 views

CVE-2026-8592

The vulnerability CVE-2026-8592 affects the Rapid7 InsightConnect AWK Plugin (Linux) where the process_string action constructs shell commands unsafely in the processing pipeline, enabling OS command execution via text or expression parameters. This is a remote issue with potential impact on conf...

9.8CVSS6.3AI score0.00675EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/25 1:32 a.m.34 views

CVE-2026-8592 OS Command Injection in Rapid7 InsightConnect AWK Plugin

OS Command Injection vulnerability in the processstring action of Rapid7 InsightConnect AWK Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to unsafe shell command construction in the processing pipeline...

7.7CVSS0.00675EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 1:32 a.m.5 views

CVE-2026-8592

OS Command Injection vulnerability in the processstring action of Rapid7 InsightConnect AWK Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to unsafe shell command construction in the processing pipeline...

7.7CVSS6.3AI score0.00675EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.10 views

CVE-2026-10796

nvm Node Version Manager through 0.40.4 executes arbitrary commands from version strings supplied by the configured Node.js/io.js mirror. Commands such as nvm install read the available versions from the mirror's index.tab and use the selected version, without sanitization, to build download URLs...

7.5CVSS5.9AI score0.00464EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/04 5:2 p.m.14 views

EUVD-2026-34303

nvm Node Version Manager through 0.40.4 executes arbitrary commands from version strings supplied by the configured Node.js/io.js mirror. Commands such as nvm install read the available versions from the mirror's index.tab and use the selected version, without sanitization, to build download URLs...

7.5CVSS6.1AI score0.00464EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/06/04 5:2 p.m.10 views

CVE-2026-10796

nvm Node Version Manager through 0.40.4 executes arbitrary commands from version strings supplied by the configured Node.js/io.js mirror. Commands such as nvm install read the available versions from the mirror's index.tab and use the selected version, without sanitization, to build download URLs...

7.5CVSS6.1AI score0.00464EPSS
Exploits1References5
CVE
CVE
added 2026/06/04 5:2 p.m.32 views

CVE-2026-10796

Vulnerability summary (CVE-2026-10796) : nvm (Node Version Manager)

7.5CVSS6.1AI score0.00464EPSS
Exploits1References4Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in busybox

A use-after-free in Busybox’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handlespecial function...

7.2CVSS7.6AI score0.02542EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in busybox

A use-after-free in Busybox’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function...

7.2CVSS7.6AI score0.02579EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in busybox

A use-after-free in Busybox’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hashinit function...

7.2CVSS7.5AI score0.02579EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in busybox

A use-after-free condition in Busybox’s awk applet leads to denial of service and potentially code execution when processing a crafted awk pattern in the getvari function...

7.2CVSS7.5AI score0.02542EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in busybox

A use-after-free condition in Busybox’s awk applet leads to denial of service and potentially code execution when processing a crafted awk pattern in the nextinputfile function...

7.2CVSS7.5AI score0.02579EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in busybox

A use-after-free condition in Busybox’s awk applet leads to denial of service and potentially code execution when processing a crafted awk pattern in the getvars function...

7.2CVSS7.4AI score0.02542EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in busybox

A use-after-free in Busybox’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function...

7.2CVSS7.4AI score0.02793EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in busybox

A use-after-free in Busybox’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function...

7.2CVSS7.6AI score0.02542EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in busybox

A use-after-free in Busybox 1.35-x’s awk applet leads to denial of service and potentially code execution when processing a crafted awk pattern in the copyvar function...

7.8CVSS7AI score0.0118EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2026/05/15 5:38 p.m.86 views

Exploit for CVE-2025-9074

🐚 docker-shell A lightweight, dependency-free bash script tha...

9.3CVSS6.1AI score0.01594EPSS
Exploits15
Tenable Nessus
Tenable Nessus
added 2026/03/14 12:0 a.m.5 views

SUSE SLES12 Security Update : busybox (SUSE-SU-2026:0892-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0892-1 advisory. - CVE-2023-42363: use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580. - CVE-2023-42364: use-after-free in the awk....

7.2CVSS6.3AI score0.02793EPSS
Exploits6References25
Rows per page
Query Builder