17 matches found
EUVD-2001-0038
Malware in sbrugna...
EUVD-2007-1574
Malware in sbrugna...
EUVD-2022-3886
Malicious code in bioql PyPI...
CVE-2021-42740
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec, an...
Drive Letters Change on the Target Devices when the Virtual Disk Changes between Private and Standard Mode
The local drive letter on the target devices change when a virtual disk changes its mode between Private and Standard. In Private mode the extra disk for write cache is E: and the CD/DVD is D:. When the customer changes the virtual disk to Standard mode, the extra disk for write cache changes to ...
SUSE CVE-2021-42740
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec, an...
GHSA-G4RG-993R-MGX7 Improper Neutralization of Special Elements used in a Command in Shell-quote
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec, an...
Improper Neutralization of Special Elements used in a Command in Shell-quote
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec, an...
CVE-2021-42740
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec, an...
Command injection
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec, an...
CVE-2021-42740
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec, an...
CVE-2021-42740
CVE-2021-42740 affects the shell-quote package for Node.js (pre-1.7.3). The Windows drive-letter regex was {A-z] instead of {A-Za-z], enabling injection of shell metacharacters when unescaped output is passed to a real shell via exec(). Attacks can lead to arbitrary commands execution under the d...
PT-2021-23668
Name of the Vulnerable Software and Affected Versions shell-quote versions prior to 1.7.3 Description The issue allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a...
How to hide drive letters with Windows registry
This article explains how to hide drive letters using registry key...
LNK Code Execution Vulnerability
This module exploits a vulnerability in the handling of Windows Shortcut files .LNK that contain a dynamic icon, loaded from a malicious DLL. This vulnerability is a variant of MS15-020 CVE-2015-0096. The created LNK file is similar except an additional SpecialFolderDataBlock is included. The...
Drive Letters Missing From Backup Browser During Windows Guest File Level Restore
Challenge When performing a Windows FLR. the drive letters listed in the Backup Browser do not reflect those of the original server. Cause This occurs when the drive containing the Guest OS registry hives was not included in the backup process. The registry hive is used to map disk IDs to drive...
Re-IP fails on Windows 2003/2008 servers.
Article Applicability The issue discussed in this article is strictly related to the use of VMXNET3 network adapters with the following vSphere VM guest operating systems: Windows 7 Windows 7 SP1 Server 2008 R2 Server 2008 R2 SP1 Challenge When you perform failover for a Win2008R2 server with a...