Lucene search

7 matches found

Github Security Blog
added 2026/03/03 9:52 p.m. | 3 views

OpenClaw Improperly Neutralizes Line Breaks in systemd Unit Generation Enables Local Command Execution (Linux)

Summary: A command injection vulnerability exists in OpenClaw’s Linux systemd unit generation path. When rendering Environment= entries, attacker-controlled values are not rejected for CR/LF, and systemdEscapeArg uses an incorrect whitespace-matching regex. This allows newline injection to break o...

7.8 CVSS | 6.3 AI score | 0.00093 EPSS
Exploits: 1 | References: 5 | Affected Software: 1

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2025-27476

Malicious code in bioql PyPI...

5.1 CVSS | 6.4 AI score | 0.00159 EPSS
Exploits: 0 | References: 1

OSV
added 2024/06/28 3:28 p.m. | 7 views

GO-2024-2449 Withdrawn Advisory: User-provided environment values allow execution on macOS agents in github.com/gravitational/teleport

Withdrawn Advisory: User-provided environment values allow execution on macOS agents in github.com/gravitational/teleport. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positiv...

7 AI score
Exploits: 0 | References: 3

SUSE CVE
added 2023/02/15 5:27 a.m. | 7 views

SUSE CVE-2014-6277

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service uninitialized memory access, and untrusted-pointer read and write operations via a crafted...

10 CVSS | 8.1 AI score | 0.86752 EPSS
Exploits: 16 | References: 23

SUSE CVE
added 2023/02/15 5:23 a.m. | 2 views

SUSE CVE-2014-10070

zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment instead of treating them as literal numbers. That could allow local privilege escalation, under some specific and atypical conditions where zsh is being invoked in privilege-elevation...

8.6 CVSS | 6.7 AI score | 0.0015 EPSS
Exploits: 0 | References: 8

OpenVAS
added 2018/04/30 12:0 a.m. | 31 views

Microsoft Windows 10: Modify firmware environment values

This security setting determines who can modify firmware environment values. Firmware environment values are settings that are stored in the nonvolatile RAM of non-x86-based computers. The effect of the setting depends on the processor. On all computers, this user right is required to install or...

7.2 AI score
Exploits: 0

OSV
added 2014/09/25 1:55 a.m. | 6 views

DEBIAN-CVE-2014-7169

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the...

9.8 CVSS | 9.4 AI score | 0.89056 EPSS
Exploits: 17 | References: 1