Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Github Security Blog
Github Security Blogadded 2026/06/09 2:27 p.m.22 views

shell-quote quote() does not escape newlines in object .op values

Summary shell-quote's quote function did not validate object-token inputs against the operator model used by parse. The .op field was backslash-escaped character by character using /./g, which in JavaScript does not match line terminators \n, \r, U+2028, U+2029. A line terminator in .op therefore...

9.2CVSS5.6AI score0.00623EPSS
Exploits1References7Affected Software1
OSV
OSVadded 2026/06/09 2:27 p.m.41 views

GHSA-W7JW-789Q-3M8P shell-quote quote() does not escape newlines in object .op values

Summary shell-quote's quote function did not validate object-token inputs against the operator model used by parse. The .op field was backslash-escaped character by character using /./g, which in JavaScript does not match line terminators \n, \r, U+2028, U+2029. A line terminator in .op therefore...

9.2CVSS5.6AI score0.00623EPSS
Exploits1References6
Snyk
Snykadded 2026/05/22 3:45 p.m.8 views

Arbitrary Command Injection

Overview shell-quote is a package used to quote and parse shell commands. Affected versions of this package are vulnerable to Arbitrary Command Injection via the quote function when object-token inputs containing line terminators \n, \r, U+2028, U+2029 in the .op field are not properly validated...

9.2CVSS6AI score0.00623EPSS
Exploits1References2
0day.today
0day.todayadded 2017/08/15 12:0 a.m.51 views

Quali CloudShell 7.1.0.6508 (Patch 6) - Persistent Cross Site Scripting Vulnerability

Exploit for windows platform in category web applications Vulnerability type: Multiple Stored Cross Site Scripting Vendor: Quali Product: CloudShell Affected version: v7.1.0.6508 Patch 6 Patched version: v8 and up Credit: Benjamin Lee CVE ID: CVE-2017-9767...

3.5CVSS5.8AI score0.0298EPSS
Exploits5
Exploit DB
Exploit DBadded 2017/08/14 12:0 a.m.33 views

Quali CloudShell 7.1.0.6508 (Patch 6) - Persistent Cross-Site Scripting

Vulnerability type: Multiple Stored Cross Site Scripting Vendor: Quali Product: CloudShell Affected version: v7.1.0.6508 Patch 6 Patched version: v8 and up Credit: Benjamin Lee CVE ID: CVE-2017-9767 ========================================================== Overview Quali CloudShell v7.1.0.6508...

5.4CVSS5.5AI score0.0298EPSS
Exploits5
Packet Storm
Packet Stormadded 2017/08/14 12:0 a.m.35 views

Quali CloudShell 7.1.0.6508 (Patch 6) Cross Site Scripting

Vulnerability type: Multiple Stored Cross Site Scripting Vendor: Quali Product: CloudShell Affected version: v7.1.0.6508 Patch 6 Patched version: v8 and up Credit: Benjamin Lee CVE ID: CVE-2017-9767 ========================================================== Overview Quali CloudShell v7.1.0.6508...

0.1AI score0.0298EPSS
Exploits5
Oracle linux
Oracle linuxadded 2014/09/26 12:0 a.m.55 views

bash security update

3.0-27.0.3 - Rework env function definition for safety Florian Weimer CVE-2014-7169...

10CVSS2AI score0.9994EPSS
Exploits19
Rows per page
Query Builder