Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1165 matches found

OSV
OSVadded 2021/04/18 7:15 p.m.1 views

CVE-2021-23374

This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

9.8CVSS7.5AI score0.01336EPSS
Exploits1References2
NVD
NVDadded 2021/04/18 7:15 p.m.34 views

CVE-2021-23375

This affects all versions of package psnode. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

9.8CVSS0.01336EPSS
Exploits1References2
NVD
NVDadded 2021/04/18 7:15 p.m.5 views

CVE-2021-23374

This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

9.8CVSS0.01336EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2021/04/18 6:36 p.m.3 views

CVE-2021-23375

This affects all versions of package psnode. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

9.8CVSS5.8AI score0.01336EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2021/04/18 6:35 p.m.2 views

CVE-2021-23374

This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

9.8CVSS5.8AI score0.01336EPSS
Exploits1References3
Snyk
Snykadded 2021/04/18 3:49 p.m.2 views

Arbitrary Command Injection

Overview psnode is an A Node.js KISS module to list and kill process on OSX and Windows. Affected versions of this package are vulnerable to Arbitrary Command Injection. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands...

9.8CVSS7.5AI score0.01336EPSS
Exploits1References2
Snyk
Snykadded 2021/04/18 3:49 p.m.2 views

Arbitrary Command Injection

Overview ps-visitor is a Node.js visit command ps aux and kill. Affected versions of this package are vulnerable to Arbitrary Command Injection. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the...

9.8CVSS7.6AI score0.01336EPSS
Exploits1References2
Github Security Blog
Github Security Blogadded 2021/04/13 3:32 p.m.44 views

Arbitrary code execution in kill-by-port

This affects the package kill-by-port before 0.0.2. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

8.8CVSS4.3AI score0.01765EPSS
Exploits1References5Affected Software1
OSV
OSVadded 2021/04/13 3:32 p.m.12 views

GHSA-MM4F-47CH-F7HX Arbitrary code execution in kill-by-port

This affects the package kill-by-port before 0.0.2. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

6.3CVSS8.9AI score0.01765EPSS
Exploits1References5
Veracode
Veracodeadded 2021/03/31 3:16 a.m.15 views

OS Command Injection

kill-by-port is vulnerable to OS command injection. An attacker is able to inject and execute arbitrary OS commands due to the passing of untrusted user input to the childprocess.exec function...

8.8CVSS4.5AI score0.01765EPSS
Exploits1References3Affected Software1
OSV
OSVadded 2021/03/30 3:15 p.m.16 views

CVE-2021-23363

This affects the package kill-by-port before 0.0.2. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

8.8CVSS7.5AI score
Exploits0References3
NVD
NVDadded 2021/03/30 3:15 p.m.8 views

CVE-2021-23363

This affects the package kill-by-port before 0.0.2. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

8.8CVSS0.01765EPSS
Exploits1References3
Prion
Prionadded 2021/03/30 3:15 p.m.14 views

Design/Logic Flaw

This affects the package kill-by-port before 0.0.2. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

6.5CVSS8.9AI score0.01765EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2021/03/30 3:0 p.m.12 views

CVE-2021-23363 Arbitrary Command Injection

This affects the package kill-by-port before 0.0.2. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

6.3CVSS9.2AI score0.01765EPSS
Exploits1References3
CVE
CVEadded 2021/03/30 3:0 p.m.58 views

CVE-2021-23363

The CVE affects the npm package kill-by-port (before v0.0.2). The root cause is unsanitized attacker-controlled input passed to child_process.exec, enabling Arbitrary Command Injection. Documented impact is arbitrary command execution via input to killByPort, with examples and a PoC in Snyk data ...

8.8CVSS7.7AI score0.01765EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKBadded 2021/03/30 2:56 p.m.1 views

CVE-2021-23363

This affects the package kill-by-port before 0.0.2. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

8.8CVSS5.8AI score0.01765EPSS
Exploits1References4
CNNVD
CNNVDadded 2021/03/30 12:0 a.m.3 views

Guy Mograbi kill-by-port 命令注入漏洞

Guy Mograbi kill-by-port is a Guy Mograbi open source application. It is used to kill processes. A security vulnerability exists in kill-by-port before 0.0.2, which can be exploited by attackers to execute arbitrary commands...

8.8CVSS8.2AI score0.01765EPSS
Exploits1References4
NVD
NVDadded 2021/03/26 9:15 p.m.10 views

CVE-2020-25581

In FreeBSD 12.2-STABLE before r369312, 11.4-STABLE before r369313, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 due to a race condition in the jailremove2 implementation, it may fail to kill some of the processes...

8.5CVSS0.00758EPSS
Exploits0References2
Akamai Blog
Akamai Blogadded 2021/03/21 6:40 p.m.12 views

4 Techniques for Early Ransomware Detection

If you receive a ransom note, it’s already too late. Detect and stop ransomware attacks early in the kill chain with these 4 techniques...

7AI score
Exploits0
Github Security Blog
Github Security Blogadded 2021/03/19 9:19 p.m.60 views

Command injection in kill-process-on-port

All versions of package kill-process-on-port are vulnerable to Command Injection via a.getProcessPortId...

7.5CVSS7.4AI score0.01929EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder