CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

RedhatCVE•added 2026/01/09 9:59 a.m.•4 views

CVE-2020-7626

karma-mojo through 1.0.1 is vulnerable to Command Injection. It allows execution of arbitrary commands via the config argument...

9.8CVSS7.4AI score0.01227EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-1123

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.01227EPSS

Exploits1References4

Github Security Blog•added 2022/02/10 11:42 p.m.•34 views

karma-mojo enables OS Command Injection

karma-mojo through 1.0.1 is vulnerable to Command Injection. It allows execution of arbitrary commands via the config argument...

9.8CVSS9.3AI score0.01227EPSS

Exploits1References4Affected Software1

OSV•added 2022/02/10 11:42 p.m.•13 views

GHSA-PF8J-VHG8-XMC3 karma-mojo enables OS Command Injection

karma-mojo through 1.0.1 is vulnerable to Command Injection. It allows execution of arbitrary commands via the config argument...

9.8CVSS9.8AI score0.01227EPSS

Exploits1References3

Veracode•added 2020/04/06 5:10 a.m.•18 views

Remote Code Execution (RCE)

karma-mojo is vulnerable to remote code execution RCE. The attack exists because the argument config in the function grep can be manipulated by attacker using malicious code as it was not sanitized before execution...

9.8CVSS3.2AI score0.01227EPSS

Exploits1References3Affected Software1

CNVD•added 2020/04/03 12:0 a.m.•1 views

karma-mojo injection vulnerability

karma-mojo is a package that supports running a selected subset of tests in Karma. An injection vulnerability exists in karma-mojo 1.0.1 and prior versions. The vulnerability stems from a lack of proper validation of user input data by a networked system or product during the course of a user's...

9.8CVSS7.2AI score0.01227EPSS

Exploits1

OSV•added 2020/04/02 10:15 p.m.•0 views

CVE-2020-7626

karma-mojo through 1.0.1 is vulnerable to Command Injection. It allows execution of arbitrary commands via the config argument...

9.8CVSS6AI score

Exploits0References2

NVD•added 2020/04/02 10:15 p.m.•10 views

CVE-2020-7626

karma-mojo through 1.0.1 is vulnerable to Command Injection. It allows execution of arbitrary commands via the config argument...

9.8CVSS9.8AI score0.01227EPSS

Exploits1References2

Prion•added 2020/04/02 10:15 p.m.•10 views

Command injection

karma-mojo through 1.0.1 is vulnerable to Command Injection. It allows execution of arbitrary commands via the config argument...

7.5CVSS9.7AI score0.01227EPSS

Exploits1References2Affected Software1

CVE•added 2020/04/02 9:23 p.m.•58 views

CVE-2020-7626

CVE-2020-7626 affects the npm package karma-mojo up to version 1.0.1. The vulnerability is a Command Injection due to unsanitized input in the config argument, allowing an attacker to execute arbitrary commands. Multiple connected sources corroborate the issue and identify the impact as arbitrary...

9.8CVSS9.7AI score0.01227EPSS

Exploits1References2Affected Software1

Cvelist•added 2020/04/02 9:23 p.m.•11 views

CVE-2020-7626

karma-mojo through 1.0.1 is vulnerable to Command Injection. It allows execution of arbitrary commands via the config argument...

9.8AI score0.01227EPSS

Exploits1References2

Snyk•added 2020/04/02 12:0 a.m.•2 views

Command Injection

Overview karma-mojo is a plugin for Karma that provides a binary for running only a select subset of tests at a time instead of running the whole test suite. Affected versions of this package are vulnerable to Command Injection. The argument config can be controlled by users without any...

9.8CVSS5.6AI score0.01227EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by