CVE-2022-30284

In the python-libnmap package through 0.7.2 for Python, remote command execution can occur if used in a client application that does not validate arguments. NOTE: the vendor believes it would be unrealistic for an application to call NmapProcess with arguments taken from input data that arrived...

GHSA-QWQV-J7JR-4HP6 Argument injection in python-libnmap

In the python-libnmap package through 0.7.2 for Python, remote command execution can occur if used in a client application that does not validate arguments...

Argument injection in python-libnmap

In the python-libnmap package through 0.7.2 for Python, remote command execution can occur if used in a client application that does not validate arguments...

CVE-2022-30284

In the python-libnmap package through 0.7.2 for Python, remote command execution can occur if used in a client application that does not validate arguments. NOTE: the vendor believes it would be unrealistic for an application to call NmapProcess with arguments taken from input data that arrived...

CVE-2022-30284

In the python-libnmap package through 0.7.2 for Python, remote command execution can occur if used in a client application that does not validate arguments. NOTE: the vendor believes it would be unrealistic for an application to call NmapProcess with arguments taken from input data that arrived...

CVE-2022-30284

In the python-libnmap package through 0.7.2 for Python, remote command execution can occur if used in a client application that does not validate arguments. NOTE: the vendor believes it would be unrealistic for an application to call NmapProcess with arguments taken from input data that arrived...

UBUNTU-CVE-2022-30284

DISPUTED In the python-libnmap package through 0.7.2 for Python, remote command execution can occur if used in a client application that does not validate arguments. NOTE: the vendor believes it would be unrealistic for an application to call NmapProcess with arguments taken from input data that...

PYSEC-2022-42999

DISPUTED In the python-libnmap package through 0.7.2 for Python, remote command execution can occur if used in a client application that does not validate arguments. NOTE: the vendor believes it would be unrealistic for an application to call NmapProcess with arguments taken from input data that...

Command injection

DISPUTED In the python-libnmap package through 0.7.2 for Python, remote command execution can occur if used in a client application that does not validate arguments. NOTE: the vendor believes it would be unrealistic for an application to call NmapProcess with arguments taken from input data that...

CVE-2022-30284

In the python-libnmap package through 0.7.2 for Python, remote command execution can occur if used in a client application that does not validate arguments. NOTE: the vendor believes it would be unrealistic for an application to call NmapProcess with arguments taken from input data that arrived...

CVE-2022-30284

Removed by vendor...

CVE-2022-30284

The CVE affects the python-libnmap Python package up to version 0.7.2. The root cause is remote command execution when NmapProcess is called with unvalidated arguments, allowing an attacker-controlled input to influence executed commands in a client application. Impact is high: CVSS indicates cri...

PT-2022-20044 · Pypi · Python-Libnmap

Name of the Vulnerable Software and Affected Versions: python-libnmap versions through 0.7.2 Description: Remote command execution can occur in the python-libnmap package if used in a client application that does not validate arguments. The vendor believes it would be unrealistic for an applicati...

XML Injection in python-libnmap

Description python-libnmap is affected by a Billion-Laughs -style XML injection vulnerability. PoC python ty = NmapParser payload = """ &lol3; """ ty.parsepayload...

GHSA-9CCV-P7FG-M73X XML Injection in python-libnmap

Description python-libnmap is affected by a Billion-Laughs -style XML injection vulnerability. PoC python ty = NmapParser payload = """ &lol3; """ ty.parsepayload...

XML Injection

python-libnmap is vulnerable to XML injection. It does not prevent the attacker from parsing malicious XML, allowing the attacker to exploit billion laughs attack and crash the application...

Distributed Network Vulnerability Scanner: Prowler

Prowler is a Network Vulnerability Scanner implemented on a Raspberry Pi Cluster, first developed during Singapore Infosec Community Hackathon – HackSmith v1.0. Capabilities Scan a network a particular subnet or a list of IP addresses for all IP addresses associated with active network devices...