Lucene search
+L

5 matches found

OSV
OSV
added 2026/04/22 5:16 p.m.19 views

UBUNTU-CVE-2026-35359

A Time-of-Check to Time-of-Use TOCTOU vulnerability in the cp utility of uutils coreutils allows an attacker to bypass no-dereference intent. The utility checks if a source path is a symbolic link using path-based metadata but subsequently opens it without the ONOFOLLOW flag. An attacker with...

4.7CVSS5.9AI score0.00105EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2022/08/01 11:18 a.m.5 views

golang: cmd/go: misinterpretation of branch names can lead to incorrect access control

A flaw was found in the go package of the cmd library in golang. The go command could be tricked into accepting a branch, which resembles a version tag. This issue could allow a remote unauthenticated attacker to bypass security restrictions and introduce invalid or incorrect tags, reducing the...

7.5CVSS7.1AI score0.02698EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/05/17 12:0 a.m.4 views

PT-2022-20406 · Jenkins · Jenkins Wmi Windows Agents Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins WMI Windows Agents Plugin versions 1.8 and earlier Description: The Jenkins WMI Windows Agents Plugin includes the Windows Remote Command library, which does not implement access control. This potentially allows users to start process...

8.8CVSS9.2AI score0.00824EPSS
Exploits0References8
Snyk
Snyk
added 2021/08/23 10:28 a.m.4 views

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution. If the command parameter of the Docker.command method can at least be partially controlled by a user, they will be in a position to execute any arbitrary OS commands on the host system. Steps to Reproduce 1...

9.3CVSS7.4AI score0.01824EPSS
Exploits1References2
CNVD
CNVD
added 2020/11/23 12:0 a.m.2 views

Denial of Service Vulnerability in ZDZ VisualField VFRemoteCmdImpl.dll Component (CNVD-2020-69504)

VisualField VF for short system software is a software package for control system configuration and monitoring for the ECS-700 system. A denial-of-service vulnerability exists in the VisualField VFRemoteCmdImpl.dll component of ZDCC, which can be exploited by an attacker to cause the RPC service ...

6.8AI score
Exploits0
Rows per page
Query Builder