PT-2026-36545

Name of the Vulnerable Software and Affected Versions Sunwood-ai-labs command-executor-mcp-server versions prior to 0.1.1 Description An OS command injection flaw exists in the MCP Interface component within the execute command function of the src/index.ts file. This allows for remote code...

PCMan FTP Server Buffer Overflow Vulnerability

PCMan FTP Server is PCMan open source set of FTP software. PCMan FTP Server suffers from a buffer overflow vulnerability that originates from unknown code in the RNTO command processor. No detailed vulnerability details are provided at this time...

PCMan FTP Server 安全漏洞

PCMan FTP Server is PCMan open source set of FTP server software. PCMan FTP Server suffers from a buffer overflow vulnerability that originates from an unknown feature in the EPSV command processor. No detailed vulnerability details are provided at this time...

SUSE CVE-2024-36951

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: range check cp bad op exception interrupts Due to a CP interrupt bug, bad packet garbage exception codes are raised. Do a range check so that the debugger and runtime do not receive garbage codes. Update the user api ...

The vulnerability of the CMD_W_REG command processor in the CE_A protocol implementation of the CE805M data collection and transmission device allows a perpetrator to modify parameters so that commands of the operating system are executed during automatic updates of the application software.

The vulnerability of the CMDWREG command processor in the CEA protocol implementation of the CE805M device for data collection and transmission is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to modify parameters so that system commands are executed...

The vulnerability of the CMD_W_REG command processor in the CEAR_MWDI_DFLT_PASSWORD register of the CE805M data collection and transmission device allows a attacker to compromise the integrity of the database or cause service failures.

The vulnerability of the CMDWREG command processor in the CEARMWDIDFLTPASSWORD registry of the CE805M data collection and transmission device is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability could allow an attacker to compromise the...

Microsoft Windows UAC Privilege Escalation Vulnerability

Hi @ll, Microsoft still ships Windows with and lets it create user-writable directories below the "Windows" directory %SystemRoot%\ -- despite that, with exception of %SystemRoot%\Temp, they are all used to store DATA and SHOULD have been placed below %ProgramData% alias %SystemDrive%\ProgramData...

Microsoft Windows UAC Privilege Escalation

Hi @ll, Microsoft still ships Windows with and lets it create user-writable directories below the "Windows" directory %SystemRoot%\ -- despite that, with exception of %SystemRoot%\Temp, they are all used to store DATA and SHOULD have been placed below %ProgramData% alias %SystemDrive%\ProgramData...

[SECURITY] Fedora 31 Update: zsh-5.7.1-6.fc31

The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell the Korn shell, but includes many enhancements. Zsh supports command line editing, built-in spelling correction, programmable command completion, shell...

The vulnerability of the PAN-OS operating system, related to the lack of measures for cleaning incoming data, allows a perpetrator to gain access to the operating system’s command processor and enhance their privileges.

The vulnerability of the PAN-OS operating system is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the operating system’s command processor and enhance their privileges...

The vulnerability of the rsync command processor in the RSSH command interface, due to insufficient input validation, allows a malicious actor to execute arbitrary commands.

The vulnerability of the rsync command processor in the RSSH command shell is related to errors in input data validation. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...

Obfuscated Command Line Detection Using Machine Learning

This blog post presents a machine learning ML approach to solving an emerging security problem: detecting obfuscated Windows command line invocations on endpoints. We start out with an introduction to this relatively new threat capability, and then discuss how such problems have traditionally bee...

[SECURITY] Fedora 29 Update: zsh-5.6.2-1.fc29

The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell the Korn shell, but includes many enhancements. Zsh supports command line editing, built-in spelling correction, programmable command completion, shell...

[SECURITY] Fedora 27 Update: zsh-5.4.1-4.fc27

The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell the Korn shell, but includes many enhancements. Zsh supports command line editing, built-in spelling correction, programmable command completion, shell...

[SECURITY] Fedora 28 Update: zsh-5.5.1-2.fc28

The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell the Korn shell, but includes many enhancements. Zsh supports command line editing, built-in spelling correction, programmable command completion, shell...

[SECURITY] Fedora 26 Update: zsh-5.3.1-7.fc26

The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell the Korn shell, but includes many enhancements. Zsh supports command line editing, built-in spelling correction, programmable command completion, shell...

Juniper Networks Junos OS DoS Vulnerability in XNM Command Processor

Denial of Service vulnerability in XNM command processor. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"; if...

CVE-2014-0613

The XNM command processor in Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.3R5, 13.1 before 13.1R3-S1, 13.2 before 13.2R2-S2, and 13.3 before...

Command injection

The XNM command processor in Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.3R5, 13.1 before 13.1R3-S1, 13.2 before 13.2R2-S2, and 13.3 before...

CVE-2014-0613

The XNM command processor in Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.3R5, 13.1 before 13.1R3-S1, 13.2 before 13.2R2-S2, and 13.3 before...