Lucene search

143 matches found

Nuclei
added 2 days ago | 43 views

NagiosXI <= 5.4.12 `commandline.php` SQL injection

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/commandline.php cname parameter. id: CVE-2018-10735 info: name: NagiosXI <= 5.4.12 commandline.php SQL injection author: DhiyaneshDk severity: high description: | A SQL injection issue was discovered in Nagios XI before...

CVSS 7.2 | AI score 7.2 | EPSS 0.86271
Exploits: 2 | References: 2

GithubExploit
added 2026/05/13 6:50 p.m. | 44 views

Exploit for Out-of-bounds Write in Google Chrome

CVE-2023-4863 — libwebp exploitation lab Reprodu...

CVSS 8.8 | AI score 6.2 | EPSS 0.93301
Exploits: 9

AstraLinux
added 2026/05/03 11:59 p.m. | 3 views

Astra Linux - vulnerability in maven-shared-utils

In Apache Maven’s maven-shared-utils before version 3.3.3, the Commandline class could generate double-quoted strings without proper escaping, allowing for shell injection attacks...

CVSS 9.8 | AI score 7.2 | EPSS 0.00255
Exploits: 0 | References: 1

Snyk
added 2026/04/14 11:42 p.m. | 1 views

Resource Injection

Overview Affected versions of this package are vulnerable to Resource Injection in the NuGetGallery backend job’s handling of .nuspec files within NuGet packages. An attacker can bypass intended validation by supplying specially crafted package metadata IDs or versions. Remediation Upgrade...

CVSS 9.6 | AI score 5.7 | EPSS 0.00461
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2015-8109

Malware in sbrugna...

CVSS 7.5 | AI score 6.3 | EPSS 0.56462
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2018-9698

Malware in sbrugna...

CVSS 7.8 | AI score 5.9 | EPSS 0.00044
Exploits: 0 | References: 4

Fedora
added 2025/09/26 1:24 a.m. | 7 views

[SECURITY] Fedora 41 Update: python-deepdiff-8.6.1-1.fc41

Deep Difference of dictionaries, iterables, strings, and ANY other object. Includes additional modules with related functionality: DeepSearch: Search for objects within other objects. DeepHash: Hash any object based on their content. Delta: Store the difference of objects and apply them to other...

CVSS 10 | AI score 7 | EPSS 0.00267
Exploits: 0

Fedora
added 2025/09/26 1:10 a.m. | 6 views

[SECURITY] Fedora 42 Update: python-deepdiff-8.6.1-1.fc42

Deep Difference of dictionaries, iterables, strings, and ANY other object. Includes additional modules with related functionality: DeepSearch: Search for objects within other objects. DeepHash: Hash any object based on their content. Delta: Store the difference of objects and apply them to other...

CVSS 10 | AI score 7 | EPSS 0.00267
Exploits: 0

RedhatCVE
added 2025/05/22 1:5 a.m. | 6 views

CVE-2015-8220

Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0 HotFix 1 allows remote attackers to execute arbitrary code via a crafted commandline argument in a link...

CVSS 7.5 | AI score 8.3 | EPSS 0.56462
Exploits: 0 | References: 1

Tenable Nessus
added 2025/01/10 12:0 a.m. | 20 views

SUSE SLES15 Security Update : gstreamer-plugins-base (SUSE-SU-2025:0054-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0054-1 advisory. - CVE-2024-47538: Fixed a stack-buffer overflow in vorbishandleidentificationpacket. bsc1234415 - CVE-2024-47835: Fixed a...

CVSS 9.8 | AI score 7.2 | EPSS 0.00377
Exploits: 2 | References: 22

Cvelist
added 2024/09/30 8:51 a.m. | 19 views

CVE-2024-45772 Apache Lucene Replicator: Security Vulnerability in Lucene Replicator - Deserialization Issue

Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator. This issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0. The deprecated org.apache.lucene.replicator.http package is affected. The org.apache.lucene.replicator.nrt package is not affected. Users ar...

CVSS 5.1 | EPSS 0.0004
Exploits: 0 | References: 1

CVE
added 2024/09/30 8:51 a.m. | 77 views

CVE-2024-45772

CVE-2024-45772 (Apache Lucene Replicator) : A deserialization of untrusted data vulnerability affects Lucene Replicator in versions 4.4.0 through before 9.12.0; the deprecated org.apache.lucene.replicator.http package is affected, while org.apache.lucene.replicator.nrt is not. The issue can be tr...

CVSS 8 | AI score 5.6 | EPSS 0.0004
Exploits: 0 | References: 2 | Affected Software: 1

Positive Technologies
added 2024/09/26 12:0 a.m. | 3 views

PT-2024-6441

Name of the Vulnerable Software and Affected Versions CUPS versions 2.x cups-filters versions up to 2.0.1 Description The issue is related to the FoomaticRIPCommandLine function in the CUPS printing system, which allows remote command execution via a PPD file. This can be exploited when combined...

CVSS 9 | AI score 7.4
Exploits: 6 | References: 128

Fedora
added 2024/09/13 1:36 a.m. | 11 views

[SECURITY] Fedora 39 Update: osc-1.9.1-420.1.1.fc39

Commandline client for the Open Build Service. See http://en.opensuse.org/openSUSE:OSC , as well as http://en.opensuse.org/openSUSE:BuildServiceTutorial for a general introduction...

CVSS 5.5 | AI score 7.3 | EPSS 0.00021
Exploits: 0

Tenable Nessus
added 2024/08/30 12:0 a.m. | 14 views

FreeBSD : RabbitMQ-C -- auth credentials visible in commandline tool options (7e9cc7fd-6b3e-46c5-ad6d-409d90d41bbf)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7e9cc7fd-6b3e-46c5-ad6d-409d90d41bbf advisory. hadmut reports: This C library includes 2 command-line tools that can take credentials as command-line...

CVSS 5.5 | AI score 5.7 | EPSS 0.00024
Exploits: 0 | References: 3

RedHat Linux
added 2024/06/18 12:57 a.m. | 3 views

flatpak: sandbox escape via RequestBackground portal

A flaw was found in Flatpak, a system for building, distributing, and running sandboxed desktop applications on Linux. Normally, the "--command" argument of "flatpak run" expects being given a command to run in the specified Flatpak app, along with optional arguments. However, it is possible to...

CVSS 8.4 | AI score 5.8 | EPSS 0.00247
Exploits: 1 | References: 5

OSV
added 2024/03/25 10:51 a.m. | 0 views

USN-6711-1 crmsh vulnerability

Vincent Berg discovered that CRM shell incorrectly handled certain commands. A local attacker could possibly use this issue to execute arbitrary code via shell code injection to the crm history commandline...

CVSS 7.8 | AI score 6.1 | EPSS 0.00045
Exploits: 1 | References: 2

RedHat Linux
added 2024/02/12 10:46 a.m. | 2 views

maven-shared-utils: Command injection via Commandline class

A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack...

CVSS 9.8 | AI score 7.3 | EPSS 0.00255
Exploits: 0 | References: 4

RedHat Linux
added 2024/02/12 10:38 a.m. | 1 views

maven-shared-utils: Command injection via Commandline class

A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack...

CVSS 9.8 | AI score 7.3 | EPSS 0.00255
Exploits: 0 | References: 4

RedHat Linux
added 2024/02/12 10:27 a.m. | 2 views

maven-shared-utils: Command injection via Commandline class

A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack...

CVSS 9.8 | AI score 7.3 | EPSS 0.00255
Exploits: 0 | References: 4