45 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-64756
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection...
SUSE CVE-2025-64756
Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c are...
CVE-2025-64756
A flaw was found in glob. This vulnerability allows arbitrary command execution via processing files with malicious names when the glob command-line interface CLI is used with the -c/--cmd option, enabling shell metacharacters to trigger command injection. Mitigation To mitigate this issue, avoid...
CVE-2025-64756
Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c are...
GHSA-5J98-MCP5-4VW2 glob CLI: Command injection via -c/--cmd executes matches with shell:true
Summary The glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c is used, matched filenames are passed to a shell with shell: true, enabling shell metacharacters in filenames to...
glob CLI: Command injection via -c/--cmd executes matches with shell:true
Summary The glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c is used, matched filenames are passed to a shell with shell: true, enabling shell metacharacters in filenames to...
CVE-2025-64756
CVE-2025-64756 is a command-injection vulnerability in glob's -c/--cmd handling. The IBM bulletins show this CVE affecting IBM Maximo Application Suite components (e.g., Visual Inspection) and related bundles, with remediation by upgrading the affected glob component to 10.5.0 or 11.1.0 (patches ...
EUVD-2025-197818
Glob matches files using patterns the shell uses. From versions 10.3.7 to 11.0.3, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c are used, matched filenames are passed ...
CVE-2025-64756 glob CLI: Command injection via -c/--cmd executes matches with shell:true
Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c are...
EUVD-2025-14988
Malicious code in bioql PyPI...
CVE-2025-4790
A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component GLOB Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...
CVE-2025-4790
A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component GLOB Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...
CVE-2025-4790 FreeFloat FTP Server GLOB Command buffer overflow
A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component GLOB Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...
CVE-2025-4790
CVE-2025-4790 — FreeFloat FTP Server 1.0 is affected by a vulnerability in the GLOB Command Handler that allows a remote buffer overflow. The PT-Security report confirms a critical issue in the GLOB Command Handler with remote exploitation; no patch/version remediation details are provided in the...
FreeFloat FTP Server 安全漏洞
FreeFloat FTP Server is an FTP service from Freefloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the GLOB Command Handler component failing to properly validate the length size of input data, no details of the vulnerability are provided at this time...
PT-2025-21741 · Unknown · Freefloat Ftp Server
Name of the Vulnerable Software and Affected Versions: FreeFloat FTP Server version 1.0 Description: A critical issue was found in the GLOB Command Handler component, leading to a buffer overflow. This can be exploited remotely. The issue has been publicly disclosed. Recommendations: For FreeFloa...
PCMan FTP Server 'GLOB' Buffer Overflow Vulnerability
PCMan FTP Server is PCMan open source set of FTP server software. A buffer overflow vulnerability exists in PCMan FTP Server 'GLOB', which originates from the GLOB command handler failing to properly validate the length and size of input data, and can be exploited by an attacker to execute...
CVE-2025-4159
A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component GLOB Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been...
CVE-2025-4159
A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component GLOB Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been...
CVE-2025-4159 PCMan FTP Server GLOB Command buffer overflow
A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component GLOB Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been...