4 matches found
GHSA-J9WJ-M24M-7JJ6 willitmerge has a Command Injection vulnerability
willitmerge describes itself as a command line tool to check if pull requests are mergeable. There is a Command Injection vulnerability in version [email protected]. Resources: Project's GitHub source code: https://github.com/shama/willitmerge/ Project's npm package:...
git-commiters.js 安全漏洞
git-commiters.js is a js library by Riceball LEE Individual Developers. A security vulnerability exists in git-commiters.js versions prior to 0.1.2, which stems from not cleaning up user input and not securely executing the process API, which could lead to a command injection attack...
Language-Based Security and Time-Inserting Supervisor
Algebraic methods are employed in order to define language-based security properties of processes. A supervisor is introduced that can disable unwanted behavior of an insecure process by controlling some of its actions or by inserting timed actions to make an insecure process secure. We assume a...
VMware Player Code Execution And Privilege Escalation Vulnerabilities (VMSA-2012-0015) - Windows
VMware Player is prone to code execution and privilege escalation vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...