Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Snyk
Snykadded 2025/11/26 10:9 p.m.3 views

Arbitrary Command Injection

Overview willitmerge is an A command line tool to check if pull requests are mergeable. Affected versions of this package are vulnerable to Arbitrary Command Injection due to the use of insecure child process execution API exec. An attacker can execute arbitrary system commands by supplying craft...

9.8CVSS8AI score0.003EPSS
Exploits1References2
OSV
OSVadded 2018/02/16 5:29 p.m.25 views

CVE-2018-7187

The "go get" implementation in Go 1.9.4, when the -insecure command-line option is used, does not validate the import path get/vcs.go only checks for "://" anywhere in the string, which allows remote attackers to execute arbitrary OS commands via a crafted web site...

8.8CVSS8.1AI score
Exploits0References6
CVE
CVEadded 2017/09/03 8:0 p.m.44 views

CVE-2017-14119

The CVE-2017-14119 vulnerability affects EyesOfNetwork (eonweb) 5.1-0, specifically in module/tool_all/tools/snmpwalk.php, where popen calls are not properly restricted. This allows remote attackers to execute arbitrary commands by injecting shell metacharacters into a parameter. The issue is des...

8.8CVSS9AI score0.03082EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder