HashiCorp Nomad Remote Command Execution Exploit

This Metasploit module lets you create a batch job on HashiCorp's Nomad service to spawn a shell. The default option is to use the rawexec driver, which runs with high privileges. Development servers and clients explicitly enabling the rawexec plugin can spawn these type of jobs. Regular exec job...

CVE-2021-20198

A flaw was found in the OpenShift Installer. During installation of OpenShift Container Platform 4 clusters, bootstrap nodes are provisioned with anonymous authentication enabled on kubelet port 10250. A remote attacker able to reach this port during installation can make unauthenticated /exec...

Fuzzing iOS code on macOS at native speed

Or how iOS apps on macOS work under the hood Posted by Samuel Groß, Project Zero This short post explains how code compiled for iOS can be run natively on Apple Silicon Macs. With the introduction of Apple Silicon Macs, Apple also made it possible to run iOS apps natively on these Macs. This is...

PT-2021-6126 · Gcc +6 · Gcc +6

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.16.10 Description: The issue is related to a buffer overflow in the Linux kernel, which can be exploited by a remote attacker to execute arbitrary code. Certain binary files built around 2003, for example with...

OS Command Injection in mversion

The issue occurs because tagName user input is formatted inside the exec function is executed without any checks...

GHSA-6M8P-4FXJ-PGC2 OS Command Injection in mversion

The issue occurs because tagName user input is formatted inside the exec function is executed without any checks...

Microweber CMS 1.1.20 Remote Code Execution

Exploit Title: Microweber CMS 1.1.20 - Remote Code Execution Authenticated Date: 2020-10-31 Exploit Author: sl1nki Vendor Homepage: https://microweber.org/ Software Link: https://github.com/microweber/microweber/tree/1.1.20 Version: " . shellexec$REQUEST"fexec" . ""; ?' Notes: SSL verification is...

OS Command Injection in pulverizr

pulverizr through 0.7.0 allows execution of arbitrary commands. Within lib/job.js, the variable filename can be controlled by the attacker. This function uses the variable "filename" to construct the argument of the exec call without any sanitization. In order to successfully exploit this...

GHSA-F8FH-8RGM-227H OS Command Injection in node-prompt-here

node-prompt-here through 1.0.1 allows execution of arbitrary commands. The runCommand is called by getDevices function in file linux/manager.js, which is required by the index. process.env.NMCLI in the file linux/manager.js. This function is used to construct the argument of function execSync,...

GHSA-G4HJ-R7R3-9RWV OS Command Injection in gulp-scss-lint

gulp-scss-lint through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands to the "exec" function located in "src/command.js" via the provided options...

OS Command Injection in docker-compose-remote-api

docker-compose-remote-api through 0.1.4 allows execution of arbitrary commands. Within index.js of the package, the function execserviceName, cmd, fnStdout, fnStderr, fnExit uses the variable serviceName which can be controlled by users without any sanitization...

Command Injection in ps-visitor

This affects all versions up to and including version 0.0.2 of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

GHSA-V2JV-33GH-XX29 Command Injection in ps-visitor

This affects all versions up to and including version 0.0.2 of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

Command Injection in picotts

This affects all versions up to and including version 0.1.1 of package picotts. If attacker-controlled user input is given to the say function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

OS Command Injection

git-parse is vulnerable to OS command injection. Untrusted input in gitDiff is passed into an exec function without validation, allowing an attacker to execute arbitrary OS commands on the host OS...

Arbitrary command execution in roar-pidusage

This affects all current versions of package roar-pidusage. If attacker-controlled user input is given to the stat function of this package on certain operating systems, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without inpu...

Command Injection in ffmpegdotjs

This affects all versions of package ffmpegdotjs. If attacker-controlled user input is given to the trimvideo function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

GHSA-CQ77-8JPX-892G Command Injection in killing

This affects all versions of package killing up to and including 1.0.6. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

GHSA-R6FW-8M27-43C9 Command injection in portkiller

This affects all versions of package portkiller. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

Command injection in portkiller

This affects all versions of package portkiller. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...