Lucene search
K

45 matches found

Tenable Nessus
Tenable Nessus
added 2025/12/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-64756

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection...

7.5CVSS7.6AI score0.03026EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2025/11/29 12:23 a.m.5 views

SUSE CVE-2025-64756

Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c are...

7.5CVSS8.4AI score0.03026EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/11/27 6:2 p.m.9 views

CVE-2025-64756

A flaw was found in glob. This vulnerability allows arbitrary command execution via processing files with malicious names when the glob command-line interface CLI is used with the -c/--cmd option, enabling shell metacharacters to trigger command injection. Mitigation To mitigate this issue, avoid...

7.5CVSS5.7AI score0.03026EPSS
Exploits1References5
AlpineLinux
AlpineLinux
added 2025/11/17 6:15 p.m.4 views

CVE-2025-64756

Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c are...

7.5CVSS8.1AI score0.03026EPSS
Exploits1References3
OSV
OSV
added 2025/11/17 5:38 p.m.4 views

GHSA-5J98-MCP5-4VW2 glob CLI: Command injection via -c/--cmd executes matches with shell:true

Summary The glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c is used, matched filenames are passed to a shell with shell: true, enabling shell metacharacters in filenames to...

7.5CVSS8.6AI score0.03026EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2025/11/17 5:38 p.m.12 views

glob CLI: Command injection via -c/--cmd executes matches with shell:true

Summary The glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c is used, matched filenames are passed to a shell with shell: true, enabling shell metacharacters in filenames to...

7.5CVSS8.6AI score0.03026EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2025/11/17 5:29 p.m.522 views

CVE-2025-64756

CVE-2025-64756 is a command-injection vulnerability in glob's -c/--cmd handling. The IBM bulletins show this CVE affecting IBM Maximo Application Suite components (e.g., Visual Inspection) and related bundles, with remediation by upgrading the affected glob component to 10.5.0 or 11.1.0 (patches ...

7.5CVSS7.6AI score0.03026EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2025/11/17 5:29 p.m.4 views

EUVD-2025-197818

Glob matches files using patterns the shell uses. From versions 10.3.7 to 11.0.3, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c are used, matched filenames are passed ...

7.5CVSS7.9AI score0.03026EPSS
Exploits1References3
OSV
OSV
added 2025/11/17 5:29 p.m.5 views

CVE-2025-64756 glob CLI: Command injection via -c/--cmd executes matches with shell:true

Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c are...

7.5CVSS8.2AI score0.03026EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2025-14988

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00596EPSS
Exploits1References4
NVD
NVD
added 2025/05/16 5:15 p.m.9 views

CVE-2025-4790

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component GLOB Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

9.8CVSS0.00601EPSS
Exploits1References4
OSV
OSV
added 2025/05/16 5:15 p.m.4 views

CVE-2025-4790

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component GLOB Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

9.8CVSS5.9AI score0.00601EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/05/16 5:0 p.m.17 views

CVE-2025-4790 FreeFloat FTP Server GLOB Command buffer overflow

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component GLOB Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

7.5CVSS0.00601EPSS
Exploits1References4
CVE
CVE
added 2025/05/16 5:0 p.m.35 views

CVE-2025-4790

CVE-2025-4790 — FreeFloat FTP Server 1.0 is affected by a vulnerability in the GLOB Command Handler that allows a remote buffer overflow. The PT-Security report confirms a critical issue in the GLOB Command Handler with remote exploitation; no patch/version remediation details are provided in the...

9.8CVSS7.2AI score0.00601EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2025/05/16 12:0 a.m.1 views

FreeFloat FTP Server 安全漏洞

FreeFloat FTP Server is an FTP service from Freefloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the GLOB Command Handler component failing to properly validate the length size of input data, no details of the vulnerability are provided at this time...

9.8CVSS7.3AI score0.00601EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/05/16 12:0 a.m.5 views

PT-2025-21741 · Unknown · Freefloat Ftp Server

Name of the Vulnerable Software and Affected Versions: FreeFloat FTP Server version 1.0 Description: A critical issue was found in the GLOB Command Handler component, leading to a buffer overflow. This can be exploited remotely. The issue has been publicly disclosed. Recommendations: For FreeFloa...

9.8CVSS7.4AI score0.00601EPSS
Exploits1References8
CNVD
CNVD
added 2025/05/14 12:0 a.m.1 views

PCMan FTP Server 'GLOB' Buffer Overflow Vulnerability

PCMan FTP Server is PCMan open source set of FTP server software. A buffer overflow vulnerability exists in PCMan FTP Server 'GLOB', which originates from the GLOB command handler failing to properly validate the length and size of input data, and can be exploited by an attacker to execute...

9.8CVSS8.5AI score0.00596EPSS
Exploits1References1
OSV
OSV
added 2025/05/01 10:15 a.m.4 views

CVE-2025-4159

A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component GLOB Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been...

9.8CVSS6.1AI score0.00596EPSS
Exploits1References4
NVD
NVD
added 2025/05/01 10:15 a.m.33 views

CVE-2025-4159

A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component GLOB Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been...

9.8CVSS0.00596EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/05/01 9:31 a.m.28 views

CVE-2025-4159 PCMan FTP Server GLOB Command buffer overflow

A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component GLOB Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been...

7.5CVSS0.00596EPSS
Exploits1References4
Rows per page
Query Builder