40 matches found
EUVD-2020-0598
Malware in sbrugna...
libnotify before 1.0.4 for Node.js allows remote attackers to execute arbitrary commands via unspecified characters in a call to libnotify.notify.
...
CVE-2013-7381 affecting package libnotify 0.7.9-4
CVE-2013-7381 affecting package libnotify 0.7.9-4. This CVE either no longer is or was never applicable...
Slackware: Security Advisory (SSA:2023-283-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[slackware-security] libnotify
New libnotify packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libnotify-0.8.3-i586-1slack15.0.txz: Upgraded. This release contains a critical stability/minor security update which affects...
Slackware Linux 15.0 / current libnotify Vulnerability (SSA:2023-283-02)
The version of libnotify installed on the remote host is prior to 0.8.3. It is, therefore, affected by a vulnerability as referenced in the SSA:2023-283-02 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
SUSE CVE-2013-7381
libnotify before 1.0.4 for Node.js allows remote attackers to execute arbitrary commands via unspecified characters in a call to libnotify.notify...
new packages: libnotify
An update is available for libnotify. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9....
ALBA-2022:1818 libnotify bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
libnotify bug fix and enhancement update
An update is available for libnotify. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8....
Advisory ROSA-SA-2021-1880
Software: libnotify 0.7.7 OS: Cobalt 7.9 CVE-ID: CVE-2013-7381 CVE-Crit: CRITICAL CVE-DESC: libnotify before 1.0.4 for Node.js allows remote attackers to execute arbitrary commands using undefined characters when libnotify.notify is called. CVE-STATUS: default CVE-REV: default...
GHSA-6898-WX94-8JQ8 Potential Command Injection in libnotify
Versions 1.0.3 and earlier of libnotify are affected by a shell command injection vulnerability. This may result in execution of arbitrary shell commands, if user input is passed into libnotify.notify. Untrusted input passed in the call to libnotify.notify could result in execution of shell...
Potential Command Injection in libnotify
Versions 1.0.3 and earlier of libnotify are affected by a shell command injection vulnerability. This may result in execution of arbitrary shell commands, if user input is passed into libnotify.notify. Untrusted input passed in the call to libnotify.notify could result in execution of shell...
CVE-2020-7350
Rapid7 Metasploit Framework versions before 5.0.85 suffers from an instance of CWE-78: OS Command Injection, wherein the libnotify plugin accepts untrusted user-supplied data via a remote computer's hostname or service name. An attacker can create a specially-crafted hostname or service name to b...
Command injection
Rapid7 Metasploit Framework versions before 5.0.85 suffers from an instance of CWE-78: OS Command Injection, wherein the libnotify plugin accepts untrusted user-supplied data via a remote computer's hostname or service name. An attacker can create a specially-crafted hostname or service name to b...
CVE-2020-7350
CVE-2020-7350 affects Rapid7 Metasploit Framework libnotify plugin. Versions before 5.0.85 allow OS command injection via untrusted data in a remote hostname/service name; an attacker must supply a crafted file processed by db_import to trigger code execution on the operator’s terminal. A fix was...
CVE-2020-7350 Metasploit Framework Plugin Libnotify Command Injection
Rapid7 Metasploit Framework versions before 5.0.85 suffers from an instance of CWE-78: OS Command Injection, wherein the libnotify plugin accepts untrusted user-supplied data via a remote computer's hostname or service name. An attacker can create a specially-crafted hostname or service name to b...
Rapid7 Metasploit Framework libnotify plugin OS command injection vulnerability
Rapid7 Metasploit Framework is a penetration testing framework from Rapid7, Inc. libnotify is one of the libraries used to send desktop notifications to the notification daemon. An operating system command injection vulnerability exists in the libnotify plugin in Rapid7 Metasploit Framework versi...
Metasploit Libnotify Arbitrary Command Execution Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Metasploit Libnotify Plugin Arbitrary Command Execution', 'Description' = %q This module exploits a shell command injection vulnerability in the...
Metasploit Libnotify Arbitrary Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Metasploit Libnotify Plugin Arbitrary Command Execution', 'Description' = %q This module exploits a shell command injection vulnerability in the...