62 matches found
CVE-2026-48962
IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. parseOutputGlob wraps the caller-supplied output glob string in double quotes and stores it in the parser state; getFiles then runs the stored expression through eval...
CVE-2026-48962 IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob
IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. parseOutputGlob wraps the caller-supplied output glob string in double quotes and stores it in the parser state; getFiles then runs the stored expression through eval...
PT-2026-43488
Name of the Vulnerable Software and Affected Versions IO::Compress versions prior to 2.220 Description An issue in File::GlobMapper allows the execution of arbitrary code through an attacker-controlled output glob. The function parseOutputGlob wraps the provided output glob string in double quote...
Linux Distros Unpatched Vulnerability : CVE-2026-48962
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. parseOutputGlob wraps the...
CVE-2026-29202
Insufficient input validation of the plugin parameter of the createuser plugin allows arbitrary Perl code execution on behalf of the already authenticated account's system user...
CVE-2026-29202
Insufficient input validation of the plugin parameter of the createuser plugin allows arbitrary Perl code execution on behalf of the already authenticated account's system user...
CVE-2026-29202
Insufficient input validation of the plugin parameter of the createuser plugin allows arbitrary Perl code execution on behalf of the already authenticated account's system user...
CVE-2026-29202
Insufficient input validation of the plugin parameter of the createuser plugin allows arbitrary Perl code execution on behalf of the already authenticated account's system user...
CVE-2026-29202
The CVE-2026-29202 issue affects cPanel & WHM through Insufficient input validation of the plugin parameter in the create_user plugin, enabling arbitrary Perl code execution under the authenticated user’s system account. Affected component: the create_user plugin’s plugin parameter handling. Root...
cPanel 输入验证错误漏洞
cPanel is a web-based automated hosting platform developed by cPanel Inc. This platform is primarily used for automating the management of websites and servers. cPanel has a vulnerability related to input validation errors, which stem from insufficient input validation in the plugin parameter...
MiracleLinux 8 : postgresql:13 (AXSA:2024-9054:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9054:01 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...
MiracleLinux 9 : postgresql:16 (AXSA:2024-9501:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9501:01 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...
Exploit for Uncontrolled Search Path Element in Needrestart_Project Needrestart
needrestart Privilege Escalation CVE-2024-48990 This reposi...
EUVD-2002-1419
Malware in sbrugna...
EUVD-2013-1475
Malware in sbrugna...
EUVD-2001-1271
Malware in sbrugna...
EUVD-2015-0907
Malware in sbrugna...
EUVD-2006-5856
Malware in sbrugna...
EUVD-2021-28568
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-39051
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Attacker might be able to execute malicious Perl code in the Template toolkit, by having the admin installing an unverified 3th party package CVE-2022-39051 Not...