75 matches found
CVE-2026-45626
Arcane is an interface for managing Docker containers, images, networks, and volumes. In 1.18.1 and earlier, GET /environments/id/volumes/volumeName/browse accepts a path query parameter that is passed to a shell command sh -c "find … | while …" inside an Arcane helper container. The path sanitis...
EUVD-2026-33372
Arcane is an interface for managing Docker containers, images, networks, and volumes. In 1.18.1 and earlier, GET /environments/id/volumes/volumeName/browse accepts a path query parameter that is passed to a shell command sh -c "find … | while …" inside an Arcane helper container. The path sanitis...
arcane 操作系统命令注入漏洞
Arcane is an open-source Docker management software developed by Arcane. Versions of Arcane 1.18.1 and earlier contain a vulnerability related to operating system command injection. This vulnerability stems from the path cleaner in the GET /environments/id/volumes/volumeName/browse endpoint not...
EUVD-2006-1780
Malware in sbrugna...
CVE-2024-49676 WordPress Custom Icons for Elementor plugin <= 0.3.3 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Michael Bourne Custom Icons for Elementor custom-icons-for-elementor allows Upload a Web Shell to a Web Server.This issue affects Custom Icons for Elementor: from n/a through = 0.3.3...
CVE-2024-49676 WordPress Custom Icons for Elementor plugin <= 0.3.3 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Michael Bourne Custom Icons for Elementor custom-icons-for-elementor allows Upload a Web Shell to a Web Server.This issue affects Custom Icons for Elementor: from n/a through = 0.3.3...
Artica Proxy Unauthenticated PHP Deserialization Vulnerability
A Command Injection vulnerability in Artica Proxy appliance version 4.50 and 4.40 allows remote attackers to run arbitrary commands via unauthenticated HTTP request. The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and...
Debian: Security Advisory (DLA-63-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 35 Update: bash-5.1.8-3.fc35
The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...
Fedora: Security Advisory for bash (FEDORA-2022-5b644a935b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for bash (FEDORA-2022-4ff296fe8e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 36 Update: bash-5.1.16-3.fc36
The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...
[SECURITY] Fedora 37 Update: bash-5.1.16-4.fc37
The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...
Fedora: Security Advisory for bash (FEDORA-2022-bf387ff344)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5380-1: Bash vulnerability
It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use this issue to escalate privileges...
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code...
Mouse Framework - An iOS And macOS Post Exploitation Surveillance Framework That Gives You A Command Line Session With Extra Functionality Between You And A Target Machine Using Only A Simple Mouse Payload
About Mouse Framework Mouse Framework is an iOS and macOS post exploitation surveillance framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse Payload. Mouse gives you the power and convenience of uploading and...
[SECURITY] Fedora 31 Update: ksh-2020.0.0-2.fc31
KornShell is a shell programming language, which is upward compatible with "sh" the Bourne Shell...
CVE-2019-20373
LTSP LDM through 2.18.06 allows fat-client root access because the LDMUSERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script...
Design/Logic Flaw
LTSP LDM through 2.18.06 allows fat-client root access because the LDMUSERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script...