Lucene search
K

24 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.9 views

CVE-2026-25104

MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability...

7.8CVSS5.8AI score0.00207EPSS
Exploits1References1
OSV
OSV
added 2026/05/28 11:19 p.m.6 views

ECHO-75D3-8223-1EAF

Bulletin has no description...

7.7CVSS5.7AI score0.00142EPSS
Exploits0References1
Talos
Talos
added 2026/05/20 12:0 a.m.11 views

MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the LXF element parsing functionality of MediaInfoLib versions: 26.01. A specially crafted .lxf file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Confirmed Vulnerable...

7.8CVSS6.3AI score0.00203EPSS
Exploits1
OSV
OSV
added 2026/05/13 1:16 p.m.3 views

MINI-8CRR-4MH9-W6CJ

Bulletin has no description...

7.5CVSS5.7AI score0.01163EPSS
Exploits0
OSV
OSV
added 2026/05/13 3:34 a.m.3 views

CGA-CR3J-6M49-FW86

Bulletin has no description...

7.5CVSS5.7AI score0.00457EPSS
Exploits1
OSV
OSV
added 2026/05/11 10:2 a.m.4 views

MINI-FRPV-P65M-7WH5

Bulletin has no description...

5.3CVSS5.7AI score0.00179EPSS
Exploits0
OSV
OSV
added 2026/05/11 6:17 a.m.6 views

MINI-MG57-RFMH-W8GC

Bulletin has no description...

7.5CVSS5.7AI score0.00588EPSS
Exploits0
OSV
OSV
added 2026/03/13 10:46 a.m.4 views

MINI-GVC2-MWC4-G2RF

Bulletin has no description...

2.5CVSS5.7AI score0.00201EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/02/19 7:48 p.m.6 views

CVE-2026-26318

systeminformation is a System and OS information library for node.js. Versions prior to 5.31.0 are vulnerable to command injection via unsanitized locate output in versions. Version 5.31.0 fixes the issue...

8.8CVSS5.8AI score0.0115EPSS
Exploits1
OSV
OSV
added 2025/12/16 7:16 p.m.3 views

UBUNTU-CVE-2025-68154

systeminformation is a System and OS information library for node.js. In versions prior to 5.27.14, the fsSize function in systeminformation is vulnerable to OS command injection on Windows systems. The optional drive parameter is directly concatenated into a PowerShell command without...

8.1CVSS6.3AI score0.12863EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-2512

Malicious code in bioql PyPI...

9.8CVSS9AI score0.01837EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2024/12/20 8:10 p.m.9 views

CVE-2024-56334

systeminformation is a System and OS information library for node.js. In affected versions SSIDs are not sanitized when before they are passed as a parameter to cmd.exe in the getWindowsIEEE8021x function. This means that malicious content in the SSID can be executed as OS commands. This...

7.8CVSS6.4AI score0.00698EPSS
Exploits0
OSV
OSV
added 2023/12/08 2:15 a.m.4 views

CVE-2023-43305

An issue in studio kent mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

8.2CVSS5.8AI score0.00571EPSS
Exploits1References1
Prion
Prion
added 2023/09/21 6:15 p.m.17 views

Command injection

systeminformation is a System Information Library for Node.JS. Versions 5.0.0 through 5.21.6 have a SSID Command Injection Vulnerability. The problem was fixed with a parameter check in version 5.21.7. As a workaround, check or sanitize parameter strings that are passed to wifiConnections,...

7.5CVSS9.7AI score0.01837EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/08/10 12:0 a.m.228 views

NodeJS System Information Library Command Injection (CVE-2021-21315)

Binary data nodejscve-2021-21315.nbin...

7.8CVSS7.3AI score0.9024EPSS
Exploits4References4
CNVD
CNVD
added 2021/05/21 12:0 a.m.10 views

Unspecified Vulnerability in BMC Remedy 9.1SP3

BMC Software BMC Remedy 9.1SP3 is an application from BMC Software, Inc. It provides off-the-shelf IT Information Library ITIL service support functionality. A security vulnerability exists in BMC Remedy 9.1SP3, which can be exploited by an attacker to run code using a BIRT template...

8.8CVSS7AI score0.01334EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2021/03/01 6:52 p.m.215 views

Exploit for OS Command Injection in Systeminformation

CVE-2021-21315-systeminformation This is Proof of Concept for...

7.8CVSS7.6AI score0.9024EPSS
Exploits4
NVD
NVD
added 2021/02/16 5:15 p.m.24 views

CVE-2021-21315

The System Information Library for Node.JS npm package "systeminformation" is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1 there is a command injection vulnerability. Problem was fixed in version 5.3.1. ...

7.8CVSS0.9024EPSS
Exploits4References6
Prion
Prion
added 2021/02/16 5:15 p.m.28 views

Command injection

The System Information Library for Node.JS npm package "systeminformation" is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1 there is a command injection vulnerability. Problem was fixed in version 5.3.1. ...

4.6CVSS7.8AI score0.9024EPSS
Exploits4References5Affected Software2
Cvelist
Cvelist
added 2021/02/16 5:0 p.m.29 views

CVE-2021-21315 Command Injection Vulnerability

The System Information Library for Node.JS npm package "systeminformation" is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1 there is a command injection vulnerability. Problem was fixed in version 5.3.1. ...

7.1CVSS8.1AI score0.9024EPSS
Exploits4References5
Rows per page
Query Builder