341 matches found
CVE-2025-54080
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2 versions 0.28.5 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An...
[SECURITY] Fedora 42 Update: glab-1.67.0-1.fc42
A GitLab CLI tool bringing GitLab to your command line...
CVE-2025-9165
A flaw has been found in LibTIFF 4.7.0. This affects the function TIFFmallocExt/TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This attack is...
Findsploit
It is an offensive tool for searching exploit databases. The primary CVE ID is not present in the provided context. The target product/service or framework is not explicitly stated, but the tool searches for exploits in local and online databases, suggesting it is a general-purpose exploit finder...
Malicious code in mjb-playground-module-as-cli-tool (npm)
The package mjb-playground-module-as-cli-tool was found to contain malicious code...
[SECURITY] Fedora 42 Update: mingw-libxslt-1.1.43-3.fc42
This C library allows to transform XML files into other XML files or HTML, text, ... using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 =3D 2.6.27 installed. The xsltproc command is a command line interface to the XSLT engine...
CBL Mariner 2.0 Security Update: libxml2 (CVE-2025-6170)
The version of libxml2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-6170 advisory. - A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When...
SharpKatz
This is a port of the mimikatz tool, specifically the sekurlsa::logonpasswords, sekurlsa::ekeys, and lsadump::dcsync commands, to C and .NET. The tool is called SharpKatz. The tool is designed to extract sensitive information from a Windows system, including: Logon passwords Kerberos encryption...
CVE-2024-41921
The CVE describes a code-injection vulnerability in the ROS rostopic echo command. Affected product: Robot Operating System (ROS) rostopic tool, affecting Noetic Ninjemys and earlier. Root cause: the echo verb accepts a user-supplied Python expression through --filter, and passes it directly to e...
CVE-2024-41148 Unsafe use of eval() method in rostopic hz tool
A code injection vulnerability has been discovered in the Robot Operating System ROS 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'hz' verb, which reports the publishing rate of a topic and accepts a user-provided Python...
[SECURITY] Fedora 42 Update: selenium-manager-4.34.0-2.fc42
Selenium Manager is a command-line tool implemented in Rust that provides automated driver and browser management for Selenium...
[SECURITY] Fedora 41 Update: selenium-manager-4.32.0-5.fc41
Selenium Manager is a command-line tool implemented in Rust that provides automated driver and browser management for Selenium...
TestSSL 3.2.1
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...
Exploit for SQL Injection in Mayurik Best_Salon_Management_System
CVE-2025-6860 Exploit Tool A proof‑of‑concept command‑line to...
[SECURITY] Fedora 41 Update: glow-2.1.1-1.fc41
Glow is a terminal based markdown reader designed from the ground up to bring out the beauty=E2=80=94and power=E2=80=94of the CLI. Use it to discover mark down files, read documentation directly on the command line. Glow will find local markdown files in subdirectories or a local Git repository...
CVE-2025-6170 Libxml2: stack buffer overflow in xmllint interactive shell command handling
A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...
CVE-2025-6170
A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...
CVE-2025-5278
A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitiv...
CVE-2025-5222
A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution...
CVE-2024-52582
Cachi2 is a command-line interface tool that pre-fetches a project's dependencies to aid in making the project's build process network-isolated. Prior to version 0.14.0, secrets may be shown in logs when an unhandled exception is triggered because the tool is logging locals of each function. This...