CVE-2025-12967

An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS users. We recommend customers...

EUVD-2019-0247

Malware in sbrugna...

Vulnerability in packageCmd function leads to arbitrary code execution via filePath parameters

aaptjs is a node wraper for aapt. An issue was discovered in the packageCmd function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters...

Vulnerability in singleCrunch function leads to arbitrary code execution via filePath parameters

aaptjs is a node wraper for aapt. An issue was discovered in the singleCrunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters...

Vulnerability in crunch function leads to arbitrary code execution via filePath parameters

aaptjs is a node wraper for aapt. An issue was discovered in the crunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters...

aaptjs remote code execution vulnerability (CNVD-2021-84829)

aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the remove function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...

aaptjs remote code execution vulnerability (CNVD-2021-84826)

aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the list function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...

aaptjs remote code execution vulnerability (CNVD-2021-84828)

aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the dump function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...

aaptjs remote code execution vulnerability (CNVD-2021-84831)

aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the crunch function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...

aaptjs remote code execution vulnerability

aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the add function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...

Shenzhim Aaptjs 操作系统命令注入漏洞

aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the packageCmd function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...

CVE-2016-10646

resourcehacker is a Node wrapper of Resource Hacker windows executable resource editor. resourcehacker downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker...

CVE-2016-10646

CVE-2016-10646 affects the Node wrapper resourcehacker, which downloads binary resources over HTTP. The underlying issue is insecure HTTP delivery, enabling MITM attackers to intercept the response and replace the requested binary with attacker-controlled code, potentially leading to remote code ...

CVE-2016-10662

CVE-2016-10662 affects the tomita node wrapper for Yandex Tomita Parser. The vulnerability arises because tomita downloads binary resources over HTTP, allowing a network-positioned attacker to perform a MITM and replace the resource with a malicious binary, potentially leading to remote code exec...

CVE-2016-10613

bionode-sra is a Node.js wrapper for SRA Toolkit. bionode-sra downloads data resources over HTTP, which leaves it vulnerable to MITM attacks...

CVE-2016-10596

imageoptim is a Node.js wrapper for some images compression algorithms. imageoptim downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested tarball with an attacker controlled tarball if t...

CVE-2016-10560

galenframework-cli is the node wrapper for the Galen Framework. galenframework-cli below 2.3.1 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled...

CVE-2016-10698

mystem-fix is a node.js wrapper for MyStem morphology text analyzer by Yandex.ru mystem-fix downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled...

CVE-2016-10666

tomita-parser is a Node wrapper for Yandex Tomita Parser tomita-parser downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker i...

CVE-2016-10666

tomita-parser is a Node wrapper for Yandex Tomita Parser tomita-parser downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker i...