33 matches found
EUVD-2013-7270
Malware in sbrugna...
EUVD-2022-6497
Malicious code in bioql PyPI...
EUVD-2022-24817
Malicious code in bioql PyPI...
EUVD-2025-9770
Malicious code in bioql PyPI...
CVE-2021-21307
Lucee Server is a dynamic, Java based JSR-223, tag and scripting language used for rapid web application development. In Lucee Admin before versions 5.3.7.47, 5.3.6.68 or 5.3.5.96 there is an unauthenticated remote code exploit. This is fixed in versions 5.3.7.47, 5.3.6.68 or 5.3.5.96. As a...
Internet Bug Bounty: CVE-2022-38362: Apache Airflow Docker Provider <3.0 RCE vulnerability in example dag
Apache Airflow Docker's Provider shipped with an example DAG that was vulnerable to authenticated remote code exploit of code on the Airflow worker host. Vulnerability summary: In DAG script of airflow 2.3.3, there is a command injection vulnerability RCE in the script exampledockercopydata.py of...
CVE-2022-38362
Apache Airflow Docker's Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to authenticated remote code exploit of code on the Airflow worker host...
CVE-2022-38362 Docker Provider <3.0 RCE vulnerability in example dag
Apache Airflow Docker's Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to authenticated remote code exploit of code on the Airflow worker host...
CVE-2022-38362
CVE-2022-38362 affects the Apache Airflow Docker provider prior to 3.0.0. The issue stems from an example DAG shipped with the provider and is exploitable via authenticated remote code execution on the Airflow worker host, involving a BashOperator call and a template-controlled parameter (source_...
PT-2022-24388 · Apache · Apache-Airflow-Providers-Docker +1
Name of the Vulnerable Software and Affected Versions: Apache Airflow Docker's Provider versions prior to 3.0.0 Description: The issue is related to an example DAG in Apache Airflow Docker's Provider that is vulnerable to authenticated remote code exploit on the Airflow worker host...
CVE-2022-1519
LRM does not restrict the types of files that can be uploaded to the affected product. A malicious actor can upload any file type, including executable code that allows for a remote code exploit...
Remote code execution
LRM does not restrict the types of files that can be uploaded to the affected product. A malicious actor can upload any file type, including executable code that allows for a remote code exploit...
CVE-2022-1519
LRM does not restrict the types of files that can be uploaded to the affected product. A malicious actor can upload any file type, including executable code that allows for a remote code exploit...
CVE-2021-21307
Lucee Server is a dynamic, Java based JSR-223, tag and scripting language used for rapid web application development. In Lucee Admin before versions 5.3.7.47, 5.3.6.68 or 5.3.5.96 there is an unauthenticated remote code exploit. This is fixed in versions 5.3.7.47, 5.3.6.68 or 5.3.5.96. As a...
CVE-2021-21307
Lucee Server is a dynamic, Java based JSR-223, tag and scripting language used for rapid web application development. In Lucee Admin before versions 5.3.7.47, 5.3.6.68 or 5.3.5.96 there is an unauthenticated remote code exploit. This is fixed in versions 5.3.7.47, 5.3.6.68 or 5.3.5.96. As a...
CVE-2021-21307 Remote Code Exploit in Lucee Admin
Lucee Server is a dynamic, Java based JSR-223, tag and scripting language used for rapid web application development. In Lucee Admin before versions 5.3.7.47, 5.3.6.68 or 5.3.5.96 there is an unauthenticated remote code exploit. This is fixed in versions 5.3.7.47, 5.3.6.68 or 5.3.5.96. As a...
CVE-2021-21307
Lucee Server is a dynamic, Java based JSR-223, tag and scripting language used for rapid web application development. In Lucee Admin before versions 5.3.7.47, 5.3.6.68 or 5.3.5.96 there is an unauthenticated remote code exploit. This is fixed in versions 5.3.7.47, 5.3.6.68 or 5.3.5.96. As a...
Wages table actually into hacking weapons Flash emergency patch-bug warning-the black bar safety net
6 month 7 day night, the official Adobe announcement, announced the emergency release security patches fix latest be found the Flash of high-risk vulnerabilities, and the discovery of this vulnerability using the 360 core security advanced Threat Response Team public Acknowledgements. As the...
Drupal < 7.58 - Drupalgeddon3 Authenticated Remote Code Exploit
Exploit for php platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupalgeddon3', 'Description' = %q CVE-2018-7602 / SA-CORE-2018-004 A remote code execution...
Shutter 0.93.1 - Code Execution
Shutter 0.93.1 - Code Execution Exploit Title: Shutter user-assisted remote code execution Date: 2016-12-26 Software Link: http://shutter-project.org/ Version: 0.93.1 Tested on: Ubuntu, Debian Exploit Author: Prajith P Website: http://prajith.in/ Author Mail: [email protected] CVE: CVE-2016-10081 1...