Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-0090

Malware in sbrugna...

4.4CVSS6.1AI score0.00383EPSS
Exploits1References15
OSV
OSV
added 2018/11/06 11:14 p.m.27 views

GHSA-R3VR-PRWV-86G9 python-gnupg's shell_quote function does not properly quote strings

The shellquote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "$" command-substitution sequences, a different vulnerability than CVE-2014-1928...

8.7CVSS7.1AI score0.03388EPSS
Exploits2References9
OSV
OSV
added 2018/11/06 11:12 p.m.26 views

GHSA-VCR5-XR9H-MVC5 python-gnupg vulnerable to shell injection

python-gnupg 0.3.5 and 0.3.6 allow for shell injection via a failure to escape backslashes in the shellquote function. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323...

9.8CVSS6.2AI score0.00383EPSS
Exploits1References12
Github Security Blog
Github Security Blog
added 2018/11/06 11:12 p.m.41 views

python-gnupg vulnerable to shell injection

python-gnupg 0.3.5 and 0.3.6 allow for shell injection via a failure to escape backslashes in the shellquote function. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323...

4.4CVSS6.6AI score0.00383EPSS
Exploits1References11Affected Software1
UbuntuCve
UbuntuCve
added 2014/10/25 9:55 p.m.31 views

CVE-2014-1929

python-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to have an unspecified impact via vectors related to "option injection through positional arguments." NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323...

4.4CVSS5.9AI score0.00383EPSS
Exploits1References3
Prion
Prion
added 2014/10/25 9:55 p.m.23 views

Design/Logic Flaw

The shellquote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "$" command-substitution sequences, a different vulnerability than CVE-2014-1928...

7.5CVSS7.5AI score0.03388EPSS
Exploits5References7Affected Software1
OSV
OSV
added 2014/10/25 9:55 p.m.27 views

PYSEC-2014-92

python-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to have an unspecified impact via vectors related to "option injection through positional arguments." NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323...

4.4CVSS6.8AI score0.00383EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2014/10/25 9:0 p.m.29 views

CVE-2014-1928

The shellquote function in python-gnupg 0.3.5 does not properly escape characters, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "" backslash characters to form multi-command sequences, a different...

4.6CVSS7.3AI score0.00605EPSS
Exploits2
securityvulns
securityvulns
added 2014/06/14 12:0 a.m.83 views

[SECURITY] [DSA 2946-1] python-gnupg security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2946-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 04, 2014 http://www.debian.org/security/faq -...

7.5CVSS1.8AI score0.03388EPSS
Exploits6
OSV
OSV
added 2014/06/09 7:55 p.m.8 views

CVE-2013-7323

python-gnupg before 0.3.5 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in unspecified vectors...

7AI score
Exploits0References7
UbuntuCve
UbuntuCve
added 2014/06/09 7:55 p.m.24 views

CVE-2013-7323

python-gnupg before 0.3.5 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in unspecified vectors...

7.5CVSS5.9AI score0.02851EPSS
Exploits1References2
CVE
CVE
added 2014/06/09 7:0 p.m.106 views

CVE-2013-7323

CVE-2013-7323 affects python-gnupg up to 0.3.5 (and related 0.3.6) where the shell_quote function does not properly escape or quote strings, allowing context-dependent attackers to execute arbitrary commands via shell metacharacters in unspecified vectors. Several advisories (GHSA) describe shell...

7.5CVSS7.2AI score0.02851EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2014/06/09 7:0 p.m.51 views

CVE-2013-7323

python-gnupg before 0.3.5 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in unspecified vectors...

7.1AI score0.02851EPSS
Exploits1References7
Debian
Debian
added 2014/06/04 4:55 p.m.38 views

[SECURITY] [DSA 2946-1] python-gnupg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2946-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 04, 2014 http://www.debian.org/security/faq -...

7.5CVSS6.7AI score0.03388EPSS
Exploits6
OpenVAS
OpenVAS
added 2014/02/25 12:0 a.m.30 views

Fedora Update for python-gnupg FEDORA-2014-2103

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.4AI score0.03388EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2014/02/23 12:0 a.m.32 views

Fedora 20 : python-gnupg-0.3.6-1.fc20 (2014-2103)

fixes protection against shell injection from previous 0.3.5 release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.5CVSS5.4AI score0.03388EPSS
Exploits6References6
Tenable Nessus
Tenable Nessus
added 2014/02/23 12:0 a.m.30 views

Fedora 19 : python-gnupg-0.3.6-1.fc19 (2014-2140)

fixes protection against shell injection from previous 0.3.5 release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.5CVSS5.4AI score0.03388EPSS
Exploits6References6
Rows per page
Query Builder