EUVD-2022-1781

Malicious code in bioql PyPI...

CVE-2022-29080

The npm-dependency-versions package through 0.3.0 for Node.js allows command injection if an attacker is able to call dependencyVersions with a JSON object in which pkgs is a key, and there are shell metacharacters in a value...

GHSA-Q2FJ-6H62-59M2 Apiman Vert.x Gateway has Transitive Hazelcast connection caching issue

Impact If you are using the Apiman Vert.x Gateway prior to Apiman 3.0.0.Final, a connection caching issue in Hazelcast could allow an unauthenticated, remote attacker to access and manipulate data in the cluster with another authenticated connection's identity. Hazelcast is a transitive dependenc...

npm-dependency-versions command injection vulnerability

npm-dependency-versions is a dependency plugin for nmap. npm-dependency-versions is vulnerable to a command injection vulnerability that can be exploited by attackers to cause arbitrary command execution...

Command Injection

npm-dependency-versions is vulnerable to command injection. The vulnerability exists due to a lack of sanitization of input via the API endpoint via the dependencyVersions function...

CVE-2022-29080

The npm-dependency-versions package through 0.3.0 for Node.js allows command injection if an attacker is able to call dependencyVersions with a JSON object in which pkgs is a key, and there are shell metacharacters in a value...

CVE-2022-29080

The npm-dependency-versions package through 0.3.0 for Node.js allows command injection if an attacker is able to call dependencyVersions with a JSON object in which pkgs is a key, and there are shell metacharacters in a value...

CVE-2022-29080

The npm-dependency-versions package through 0.3.0 for Node.js allows command injection if an attacker is able to call dependencyVersions with a JSON object in which pkgs is a key, and there are shell metacharacters in a value...

CVE-2022-29080

The npm-dependency-versions package through 0.3.0 for Node.js allows command injection if an attacker is able to call dependencyVersions with a JSON object in which pkgs is a key, and there are shell metacharacters in a value...

PT-2022-3577 · Npm · Npm-Dependency-Versions

Name of the Vulnerable Software and Affected Versions: npm-dependency-versions versions 0.3.0 and earlier Description: The issue is related to insufficient argument checking in the npm-dependency-versions package, which can lead to command injection. An attacker can exploit this by calling...

npm-dependency-versio 操作系统命令注入漏洞

npm-dependency-versions is a dependency plugin for nmap. npm-dependency-versions is vulnerable to a command injection vulnerability that can be exploited by attackers to cause arbitrary command execution...

Fedora 24 : owncloud (2016-cfa7b58c7e)

Owncloud now follows the PHP SIG direction of using a fedora autoloader to directly call the autoloaders of the PHP libraries used. In addition a %check has been added to ensure the autoloader works correctly and new dependency versions bumped to match more closely with upstream. This also update...

eclipse security, bug fix, and enhancement update

eclipse: 1:3.6.1-6.13 - Drop patch to remove ant-trax needed by test runs. 1:3.6.1-6.12 - Add two upstream patches to allow for running SDK JUnit tests. 1:3.6.1-6.11 - Bring in line with Fedora. - Remove some stuff that is now done in eclipse-build. - Fix sources URL. - Add PDE dependency on zip...