286 matches found

OSV
added 2020/07/29 1:15 p.m. | 11 views

CVE-2020-7698

This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the projectconfigure endpoint, isn’t being sanitized...

CVSS 9.8 | AI score 9.5
Exploits: 0 | References: 2
Prion
added 2020/07/29 1:15 p.m. | 14 views

Input validation

This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the projectconfigure endpoint, isn’t being sanitized...

CVSS 7.5 | AI score 9.4 | EPSS 0.00513
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2020/07/29 12:40 p.m. | 13 views

CVE-2020-7698 Command Injection

This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the projectconfigure endpoint, isn’t being sanitized...

CVSS 8.1 | AI score 9.5 | EPSS 0.00513
Exploits: 0 | References: 2
Tenable Nessus
added 2020/04/02 12:0 a.m. | 29 views

EulerOS Virtualization for ARM 64 3.0.6.0 : PyYAML (EulerOS-SA-2020-1371)

According to the version of the PyYAML package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and loadall functions because of a class deserializatio...

CVSS 9.8 | AI score 7.2 | EPSS 0.04807
Exploits: 2 | References: 2
Tenable Nessus
added 2020/03/23 12:0 a.m. | 34 views

EulerOS 2.0 SP8 : PyYAML (EulerOS-SA-2020-1297)

According to the version of the PyYAML packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and loadall functions because of a class deserialization issue, e.g., Popen is a...

CVSS 9.8 | AI score 7.4 | EPSS 0.04807
Exploits: 2 | References: 2
UbuntuCve
added 2020/03/03 10:15 p.m. | 18 views

CVE-2020-1734

A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by...

CVSS 7.4 | AI score 6.8 | EPSS 0.00083
Exploits: 0 | References: 2
Snyk
added 2020/02/25 9:1 a.m. | 1 views

Command Injection

Overview: codecov is a Python report uploader for Codecov. Affected versions of this package are vulnerable to Command Injection. The vulnerability occurs due to not sanitizing gcov arguments before being provided to the popen method. PoC by Snyk codecov --gcov-args='& echo test vuln1.txt'...

CVSS 6.5 | AI score 6.9 | EPSS 0.00317
Exploits: 1 | References: 2
OSV
added 2020/02/19 4:15 a.m. | 1 views

DEBIAN-CVE-2019-20477

PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and loadall functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-18342...

CVSS 9.8 | AI score 7.5 | EPSS 0.00416
Exploits: 2 | References: 1
PyPA
added 2020/02/19 4:15 a.m. | 5 views

PYSEC-2020-176

PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and loadall functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-18342...

CVSS 9.8 | AI score 8.4 | EPSS 0.04807
Exploits: 2 | References: 5 | Affected Software: 1
Prion
added 2020/02/19 4:15 a.m. | 24 views

Deserialization of untrusted data

PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and loadall functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-18342...

CVSS 7.5 | AI score 9.4 | EPSS 0.04807
Exploits: 2 | References: 4 | Affected Software: 2
CNVD
added 2020/02/18 12:0 a.m. | 1 views

Ansible pipe lookup plugin arbitrary command execution vulnerability

Ansible is a computer system configuration manager. A security vulnerability in the Ansible pipe lookup plugin subprocess.Popen allows remote attackers to exploit the vulnerability to submit a special request that can execute arbitrary commands...

CVSS 7.4 | AI score 8.8 | EPSS 0.00083
Exploits: 0 | References: 1
exploitpack
added 2019/08/16 12:0 a.m. | 49 views

EyesOfNetwork 5.1 - Authenticated Remote Command Execution

EyesOfNetwork 5.1 - Authenticated Remote Command Execution Exploit Title: EyesOfNetwork 5.1 - Authenticated Remote Command Execution Google Dork: N/A Date: 2019-08-14 Exploit Author: Nassim Asrir Vendor Homepage: https://www.eyesofnetwork.com/ Software Link:...

AI score 0.8
Exploits: 0
Packet Storm
added 2019/08/16 12:0 a.m. | 144 views

EyesOfNetwork 5.1 Remote Command Execution

Exploit Title: EyesOfNetwork 5.1 - Authenticated Remote Command Execution Google Dork: N/A Date: 2019-08-14 Exploit Author: Nassim Asrir Vendor Homepage: https://www.eyesofnetwork.com/ Software Link: https://www.eyesofnetwork.com/?pageid=48&lang=fr Version: 5.1 "; while$read = fread$handle,100 ec...

AI score 0.4
Exploits: 0
Exploit DB
added 2019/08/16 12:0 a.m. | 178 views

EyesOfNetwork 5.1 - Authenticated Remote Command Execution

Exploit Title: EyesOfNetwork 5.1 - Authenticated Remote Command Execution Google Dork: N/A Date: 2019-08-14 Exploit Author: Nassim Asrir Vendor Homepage: https://www.eyesofnetwork.com/ Software Link: https://www.eyesofnetwork.com/?pageid=48&lang=fr Version: 5.1 "; while$read = fread$handle,100 ec...

AI score 7.4
Exploits: 0
OSV
added 2019/06/18 8:15 p.m. | 1 views

CVE-2017-8333

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new routes to the device. It seems that the POST parameters passed in this request to set up routes on the device can be set in such a way...

CVSS 8.8 | AI score 5.8 | EPSS 0.14858
Exploits: 1 | References: 3
Prion
added 2019/06/18 8:15 p.m. | 16 views

Command injection

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new routes to the device. It seems that the POST parameters passed in this request to set up routes on the device can be set in such a way...

CVSS 9 | AI score 9 | EPSS 0.14858
Exploits: 1 | References: 3 | Affected Software: 3
Cvelist
added 2019/06/18 7:53 p.m. | 9 views

CVE-2017-8333

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new routes to the device. It seems that the POST parameters passed in this request to set up routes on the device can be set in such a way...

AI score 9.1 | EPSS 0.14858
Exploits: 1 | References: 3
Veracode
added 2019/04/25 2:53 a.m. | 17 views

Arbitrary OS Command Execution

librenms is vulnerable to arbitrary OS command execution. The vulnerability exists due to the lack of validation of user's input to gensnmpwalkcmd in capture.inc.php, allowing an attacker to control the output passed to popen command to inject and execute arbitrary OS commands...

CVSS 9.8 | AI score 9.5 | EPSS 0.66333
Exploits: 9 | References: 6 | Affected Software: 1
Tenable Nessus
added 2018/11/21 12:0 a.m. | 29 views

EulerOS Virtualization 2.5.1 : sudo (EulerOS-SA-2018-1380)

According to the version of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system, popen, or...

CVSS 7.8 | AI score 7.2 | EPSS 0.00077
Exploits: 0 | References: 2
exploitpack
added 2018/11/05 12:0 a.m. | 47 views

LiquidVPN 1.36 1.37 - Privilege Escalation

LiquidVPN 1.36 1.37 - Privilege Escalation. Title: Multiple Privilege Escalation Vulnerabilities; Product: LiquidVPN for MacOS; Vulnerable versions: 1.37, 1.36 and earlier; CVE IDs: CVE-2018-18856, CVE-2018-18857, CVE-2018-1885...

CVSS 7.2 | AI score 0.8 | EPSS 0.01424
Exploits: 8