
12 matches found

Positive Technologies
added 2025/11/27 12:0 a.m. · 6 views

PT-2025-48261

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpfc db fix callback function in all versions up to, and including, 1.4.0. This makes it possible for authenticated attackers, with Subscriber-level access and...

CVSS 4.3 · AI score 5.1 · EPSS 0.00034
Exploits: 0 · References: 4
CNNVD
added 2025/10/14 12:0 a.m. · 1 views

Rockwell Automation FactoryTalk Linx Security Vulnerability

Rockwell Automation FactoryTalk Linx is a suite of industrial communication solutions from Rockwell Automation USA. The product is primarily used to communicate between small applications and large automation systems, among others. A security vulnerability exists in Rockwell Automation FactoryTal...

CVSS 8.5 · AI score 6.5 · EPSS 0.00012
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 8:40 p.m. · 1 views

CVE-2021-26275

The eslint-fixer package through 0.1.5 for Node.js allows command injection via shell metacharacters to the fix function. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The ozum/eslint-fixer GitHub repository has been intentionally deleted...

CVSS 10 · AI score 7 · EPSS 0.0627
Exploits: 1 · References: 1
Veracode
added 2022/06/03 7:20 a.m. · 17 views

OS Command Injection

proctree is vulnerable to OS command injection. The vulnerability exists in the getProcessTree function in index.js due to a lack of sanitization of shell metacharacters, which allows attackers to execute arbitrary commands via the fix function...

CVSS 9.8 · AI score 9.7 · EPSS 0.13289
Exploits: 1 · References: 3 · Affected Software: 1
Github Security Blog
added 2022/06/03 12:0 a.m. · 25 views

OS Command Injection in proctree

OS Command Injection vulnerability in allenhwkim proctree through 0.1.1 and commit 0ac10ae575459457838f14e21d5996f2fa5c7593 for Node.js, allows attackers to execute arbitrary commands via the fix function...

CVSS 10 · AI score 9.8 · EPSS 0.13289
Exploits: 1 · References: 4 · Affected Software: 1
OSV
added 2022/06/03 12:0 a.m. · 0 views

GHSA-CV76-RV4H-4MQC OS Command Injection in proctree

OS Command Injection vulnerability in allenhwkim proctree through 0.1.1 and commit 0ac10ae575459457838f14e21d5996f2fa5c7593 for Node.js, allows attackers to execute arbitrary commands via the fix function...

CVSS 10 · AI score 6.1 · EPSS 0.13289
Exploits: 1 · References: 4
Prion
added 2022/06/02 2:15 p.m. · 10 views

Command injection

OS Command Injection vulnerability in allenhwkim proctree through 0.1.1 and commit 0ac10ae575459457838f14e21d5996f2fa5c7593 for Node.js, allows attackers to execute arbitrary commands via the fix function...

CVSS 10 · AI score 10 · EPSS 0.13289
Exploits: 1 · References: 2 · Affected Software: 1
OSV
added 2021/03/19 12:15 a.m. · 1 views

CVE-2021-26275

The eslint-fixer package through 0.1.5 for Node.js allows command injection via shell metacharacters to the fix function. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The ozum/eslint-fixer GitHub repository has been intentionally deleted...

CVSS 9.8 · AI score 7.2
Exploits: 0 · References: 2
Positive Technologies
added 2021/03/18 12:0 a.m. · 2 views

PT-2021-16985 · Unknown · Eslint-Fixer

Name of the Vulnerable Software and Affected Versions: eslint-fixer versions 0.1.5 and earlier
Description: The issue allows command injection via shell metacharacters to the fix function. This affects products that are no longer supported by the maintainer. The ozum/eslint-fixer GitHub repositor...

CVSS 10 · AI score 7.3 · EPSS 0.0627
Exploits: 1 · References: 8
CNNVD
added 2021/03/18 12:0 a.m. · 0 views

NPM eslint-fixer Command Injection Vulnerability

npm eslint-fixer is a development module from the American company npm. It provides promise-based functionality that can be applied to a directory or file given by eslint --fix. A command injection vulnerability exists in eslint-fixer version 0.1.5 and earlier versions, which allows commands to b...

CVSS 10 · AI score 8.4 · EPSS 0.0627
Exploits: 1 · References: 3
Kitploit
added 2020/07/08 9:30 p.m. · 44 views

Harbian-Audit - Hardened Debian GNU/Linux Distro Auditing

Hardened Debian GNU/Linux and CentOS 8 distro auditing. The main test environment is Debian GNU/Linux 9/10 and CentOS 8; other versions are not fully tested. There are no implementations of desktop and SELinux related items in this release. The code framework is based on the OVH-debian-cis...

AI score 7.4
Exploits: 0 · References: 20
OSV
added 2019/07/04 12:15 p.m. · 11 views

CVE-2019-13228

deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix function to download an ISO file, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system locations. The content is not attacker...

CVSS 4.7 · AI score 7
Exploits: 0 · References: 4