2659 matches found

CVE
added 2019/10/28 1:11 p.m., 39 views

CVE-2002-2444

CVE-2002-2444 affects Snoopy prior to 2.0.0, with a security hole in exec cURL. The initial entry reports CVSS v2 base score 7.5 (HIGH) and CVSS v3.1 base score 9.8 (CRITICAL). No exploitation details or remediation are provided in the connected documents.

9.8 CVSS, 9.3 AI score, 0.00476 EPSS
Exploits 0, References 3, Affected Software 1

Debian CVE
added 2019/10/28 1:11 p.m., 14 views

CVE-2002-2444

Snoopy before 2.0.0 has a security hole in exec cURL...

9.8 CVSS, 8.9 AI score, 0.00476 EPSS
Exploits 0

NVD
added 2019/10/28 12:15 p.m., 13 views

CVE-2019-16663

An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to search.crud.php because the catCommand parameter is passed to the exec function without filtering, which can lead to command execution...

9 CVSS, 8.9 AI score, 0.94066 EPSS
Exploits 10, References 5

Prion
added 2019/10/28 12:15 p.m., 14 views

Command injection

An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to ajaxServerSettingsChk.php because the rootUname parameter is passed to the exec function without filtering, which can lead to command execution...

10 CVSS, 9.6 AI score, 0.94461 EPSS
Exploits 11, References 7, Affected Software 1

CNVD
added 2019/10/28 12:0 a.m., 1 views

Sourcecodester Restaurant Management System Cross-Site Request Forgery Vulnerability

Sourcecodester Restaurant Management System is a restaurant management system. A cross-site request forgery vulnerability exists in the admin/staff-exec.php file in version 1.0 of the Sourcecodester Restaurant Management System, which originates from a WEB application that does not adequately...

8.8 CVSS, 6.9 AI score, 0.00182 EPSS
Exploits 1, References 1

OSV
added 2019/10/24 6:15 p.m., 1 views

CVE-2019-18414

Sourcecodester Restaurant Management System 1.0 is affected by an admin/staff-exec.php Cross Site Request Forgery vulnerability due to a lack of CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code or adding a staff entry via a crafted HTML page...

8.8 CVSS, 7.4 AI score, 0.00182 EPSS
Exploits 1, References 1

OSV
added 2019/09/16 10:24 p.m., 11 views

GHSA-549F-73HH-MJ38 Command Injection in gitlabhook

All versions of gitlabhook are vulnerable to Command Injection. The package does not validate input in the body of a POST request and concatenates it to an exec call, allowing attackers to run arbitrary commands in the system. Recommendation: No fix is currently available. Consider using an alternative...

10 CVSS, 9.6 AI score, 0.49627 EPSS
Exploits 5, References 3

Hacker One
added 2019/09/13 3:15 p.m., 14 views

Node.js third-party modules: [create-git] RCE via insecure command formatting

The create-git NPM module was vulnerable to command injection, which was possible since some user-supplied inputs were concatenated without proper checks inside an exec call, which made it possible to execute arbitrary commands besides the git one which is used by the tool. The PoC resulted in: js...

2.2 AI score
Exploits 0

Tenable Nessus
added 2019/09/13 12:0 a.m., 1160 views

CredSSP Remote Code Execution Vulnerability March 2018 Security Update

The remote Windows host allows fallback to insecure versions of the Credential Security Support Provider protocol (CredSSP). It is, therefore, affected by a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could relay user credentials and use them to execute...

7.6 CVSS, 8.2 AI score, 0.90997 EPSS
Exploits 4, References 3

OSV
added 2019/09/10 3:33 p.m., 9 views

ALBA-2019:2723 container-tools:rhel8 bug fix update

Bug Fixes: race/corruption: podman failed to launch containers BZ1741110 podman exec can fail with "failed to write ... to cgroup.procs invalid argument" BZ1743163...

7.2 AI score
Exploits 0, References 1

AlmaLinux
added 2019/09/10 3:33 p.m., 13 views

container-tools:rhel8 bug fix update

Bug Fixes: race/corruption: podman failed to launch containers BZ1741110 podman exec can fail with "failed to write ... to cgroup.procs invalid argument" BZ1743163...

2.5 AI score
Exploits 0, References 1

Tenable Nessus
added 2019/09/03 12:0 a.m., 69 views

openSUSE Security Update : podman / slirp4netns and libcontainers-common (openSUSE-2019-2044)

This is a version update for podman to version 1.4.4 bsc1143386. Additional changes by SUSE on top : - Remove fuse-overlayfs because it's currently an unsatisfied dependency on SLE bsc1143386 - Update libpod.conf to use correct infracommand - Update libpod.conf to use better versioned pause...

7.8 CVSS, 7.1 AI score, 0.07158 EPSS
Exploits 2, References 12

Tenable Nessus
added 2019/08/23 12:0 a.m., 39 views

EulerOS 2.0 SP5 : libvirt (EulerOS-SA-2019-1796)

According to the versions of the libvirt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API CVE-2019-10161 - libvirt: virDomainManagedSaveDefineXML API exposed to...

8.8 CVSS, 8.1 AI score, 0.00259 EPSS
Exploits 0, References 4

Prion
added 2019/08/14 9:15 p.m., 20 views

Remote code execution

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'...

9.3 CVSS, 8 AI score, 0.06062 EPSS
Exploits 0, References 1, Affected Software 2

Veracode
added 2019/08/13 4:36 a.m., 12 views

Privilege Escalation

github.com/hashicorp/nomad is vulnerable to privilege escalation. The vulnerability exists as the exec driver tasks run with full Linux capabilities...

9.8 CVSS, 3.5 AI score, 0.00734 EPSS
Exploits 0, References 5, Affected Software 1

CNVD
added 2019/08/13 12:0 a.m., 1 views

HashiCorp Nomad Access Control Error Vulnerability

HashiCorp Nomad is a distributed, data center-aware cluster and application scheduler from HashiCorp, USA. The program supports the deployment of microservices, batch, containerized and non-containerized applications. An access control error vulnerability exists in HashiCorp Nomad versions 0.9.0...

10 CVSS, 7.2 AI score, 0.00734 EPSS
Exploits 0, References 1

UbuntuCve
added 2019/08/12 5:15 p.m., 17 views

CVE-2019-12618

HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver...

10 CVSS, 7.2 AI score, 0.00734 EPSS
Exploits 0, References 4

OSV
added 2019/08/12 5:15 p.m., 1 views

UBUNTU-CVE-2019-12618

HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver...

9.8 CVSS, 7.3 AI score, 0.00734 EPSS
Exploits 0, References 5

Prion
added 2019/08/12 5:15 p.m., 11 views

Design/Logic Flaw

HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver...

10 CVSS, 9.5 AI score, 0.00734 EPSS
Exploits 0, References 3, Affected Software 1

Cvelist
added 2019/08/12 4:49 p.m., 9 views

CVE-2019-12618

HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver...

9.6 AI score, 0.00734 EPSS
Exploits 0, References 3