16 matches found
CVE-2026-41501
electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:130. The runLinux function appends attacker-controlled remote version strings directly into an...
CVE-2026-41501
CVE-2026-41501 affects electerm prior to v3.3.8. The vulnerability resides in npm/install.js:130 where the runLinux() function appends attacker-controlled remote version strings directly into an unvalidated exec("rm -rf ...") command, enabling command injection. Reports across NVD, CVELIST, PT-Se...
uutils coreutils link following vulnerability
uutils coreutils is a cross-platform core command-line toolset developed by Uutils Open Source. uutils coreutils has a post-installation link vulnerability. This vulnerability stems from the rm utility allowing bypass of the --preserve-root protection. Instead of using device and inode numbers fo...
EUVD-2007-0891
Malware in sbrugna...
OS Command Injection in compile-sass
compile-sass prior to 1.0.5 allows execution of arbitrary commands. The function "setupCleanupOnExitcssPath" within "dist/index.js" is executed as part of the "rm" command without any sanitization...
OS Command Injection
compile-sass is vulnerable to OS command injection. Lack of validation and sanitization allows an attacker to inject and execute arbitrary OS commands within the rm command in the function setupCleanupOnExitcssPath in dist/index.js...
Command Injection
Overview: compile-sass is a module to compile SASS on-the-fly and/or save it to CSS files. Affected versions of this package are vulnerable to Command Injection. The function setupCleanupOnExitcssPath within dist/index.js is executed as part of the rm command without any sanitization. PoC by JHU...
CVE-2006-1251
Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command...
MacOS X 10.11 FTS Buffer Overflow
MacOS X 10.11 FTS Deep structure of the file system Buffer Overflow Credit: Maksymilian Arciemowicz CXSECURITY Website: http://cxsecurity.com/ http://cert.cx/ Affected software: - Commands such as: ls, find, rm - probably more Apple file system suffer from an issue recognised in FTS library. The ma...
[SECURITY] Fedora 19 Update: srm-1.2.13-1.fc19
srm is a secure replacement for rm(1). Unlike the standard rm, it overwrites the data in the target files before unlinking them. This prevents command-line recovery of the data by examining the raw block device. It may also help frustrate physical examination of the disk, although it's unlikely that...
Scientific Linux Security Update : initscripts on SL5.x i386/x86_64 (20120221)
The initscripts package contains system scripts to boot your system, change runlevels, activate and deactivate most network interfaces, and shut the system down cleanly. With the default IPsec (Internet Protocol Security) ifup script configuration, the racoon IKE key management daemon used aggressi...
Low: Red Hat Security Advisory: initscripts security and bug fix update
An updated initscripts package that fixes one security issue and four bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severit...
RedHat Update for initscripts RHSA-2012:0312-03
The remote host is missing an update for the...
CVE-2006-1251
Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command...
CVE-2006-1251
Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command...
CVE-2006-1251
Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command...