6 matches found
CVE-2025-13566
A security vulnerability has been detected in jarun nnn up to 5.1. The impacted element is the function showcontentinfloatingwindow/runcmdasplugin of the file nnn/src/nnn.c. The manipulation leads to double free. An attack has to be approached locally. The identifier of the patch is...
SUSE CVE-2012-5534
The hookprocess function in the plugin API for WeeChat 0.3.0 through 0.3.9.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a command from a plugin, related to "shell expansion."...
Metasploit Weekly Wrap-Up
Capture Plugin Capturing credentials is a critical and early phase in the playbook of many offensive security testers. Metasploit has facilitated this for years with protocol-specific modules all under the auxiliary/server/capture. Users can start and configure each of these modules individually,...
Haraka 2.8.9 - Remote Command Execution
Haraka 2.8.9 - Remote Command Execution !/usr/bin/python Exploit Title: Harakiri ShortDescription: Haraka comes with a plugin for processing attachments. Versions before 2.8.9 can be vulnerable to command injection Exploit Author: xychix xychix at hotmail.com / mark at outflank.nl Date: 26 Januar...
DEBIAN-CVE-2012-5534
The hookprocess function in the plugin API for WeeChat 0.3.0 through 0.3.9.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a command from a plugin, related to "shell expansion."...
Apple Mac OS X pppd privilege escalation
It's possible to attach user-supplied module to privileged process with 'plugin' command...