Code injection

TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with for example OS commands in the opt parameter...

CVE-2020-15568

TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with for example OS commands in the opt parameter...

Command Injection in @graphql-tools/git-loader

This affects the package @graphql-tools/git-loader before 6.2.6. The use of exec and execSync in packages/loaders/git/src/load-git.ts allows arbitrary command injection...

Command Injection

Overview deferred-exec is a tool to run exec commands. Lets you use exec, execFile and spawn in a sane way. Affected versions of this package are vulnerable to Command Injection. The injection point is located in line 42 in lib/deferred-exec.js PoC var a = require"deferred-exec"; a" touch JHU ",;...

bear (=0.1.0), proud-badge (>=0.0.1 <=0.0.5) +1 more potentially affected by CVE-2020-28438 via deferred-exec (=0.3.1)

deferred-exec NPM version =0.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on deferred-exec and may be impacted: - bear =0.1.0 - proud-badge =0.0.1, =0.0.1, =0.0.4 Source cves: CVE-2020-28438 Source advisory: SNYK:JS-DEFERREDEXEC-1050433...

CVE-2021-23326 Command Injection

This affects the package @graphql-tools/git-loader before 6.2.6. The use of exec and execSync in packages/loaders/git/src/load-git.ts allows arbitrary command injection...

Arbitrary Code Execution

buns is vulnerable to arbitrary code execution. An attacker is able to exploit the vulnerability by injecting command via the install function due to the insecure usage of exec...

CVE-2020-36167

An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, whi...

CVE-2020-36167

An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, whi...

CVE-2020-36167

An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, whi...

Design/Logic Flaw

An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, whi...

CVE-2020-36167

Veritas Backup Exec (versions 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517) loads the OpenSSL library from the Installation folder at startup, which then reads /usr/local/ssl/openssl.cnf. If that file is missing or writable by a low-privilege user on Windows (e.g., C:\usr\local\...

CVE-2020-36167

An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, whi...

Veritas Backup Exec Code Issue Vulnerability

Veritas Technologies Veritas Backup Exec is a powerful suite of data backup and recovery tools from Veritas Technologies. With a web-based management console and an intuitive graphical user interface with easy-to-use wizards, the software simplifies installation and improves manageability...

Vulnerabilities fixed in Veritas products

Vulnerabilities have been fixed in Veritas Backup Exec and Veritas NetBackup. The vulnerabilities allow a local attacker to to obtain elevated privileges. The vulnerability makes it possible for the attacker to execute arbitrary code under SYSTEM or administrator. The vulnerabilities rated by...

Veritas Backup Exec is vulnerable to privilege escalation due to OPENSSLDIR location

Overview Veritas Backup Exec contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable that specifies a location where an unprivileged Windows user can create files. Description CVE-2019-1552 Veritas Backup Exec includes an OpenSSL component that specifies an OPENSSLD...

Exploit for Command Injection in Saltstack Salt

CVE-2020-28243 A command injection vulnerability in SaltStack...

CVE-2020-26284

CVE-2020-26284 affects Hugo (Go-based SSG) where, before v0.79.1, Hugo uses Go’s os/exec and will invoke a malicious executable if a file named after a common Windows binary (exe or bat) exists in the current working directory when Hugo runs. This can allow an attacker to execute arbitrary code o...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection. The injection point is located in line 45 in main entry of package in lib/process-promises.js. PoC var a =require"ts-process-promises"; a.exec"touch JHU",; Remediation There is no fixed version for ts-process-promises...

CVE-2020-7777 Arbitrary Code Execution

This affects all versions of package jsen. If an attacker can control the schema file, it could run arbitrary JavaScript code on the victim machine. In the module description and README file there is no mention about the risks of untrusted schema files, so I assume that this is applicable. In...