Lucene search
K

10 matches found

Ubuntu
Ubuntu
added 2025/07/07 1:13 p.m.5 views

USN-7620-1: File::Find::Rule vulnerability

Kevin Ryde discovered that File::Find::Rule incorrectly handled certain file names. An attacker could possibly use this issue to execute arbitrary code...

8.8CVSS8AI score0.00736EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/30 12:0 a.m.4 views

AlmaLinux 9 : perl-File-Find-Rule (ALSA-2025:9517)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:9517 advisory. perl-file-find-rule: File::Find::Rule Arbitrary Code Execution CVE-2011-10007 Tenable has extracted the preceding description block directly from the AlmaLinux...

8.8CVSS7.9AI score0.00736EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/06/24 11:31 a.m.5 views

perl-file-find-rule: File::Find::Rule Arbitrary Code Execution

A flaw was found in perl-file-find-rule. The grep function within File::Find::Rule versions up to 0.34 is vulnerable to arbitrary code execution if provided with a specially crafted filename. This vulnerability allows an attacker to supply a filename that, when opened, executes arbitrary code via...

8.8CVSS6.5AI score0.00736EPSS
Exploits0References9
Gentoo Linux
Gentoo Linux
added 2025/06/12 12:0 a.m.9 views

File-Find-Rule: Shell Injection

Background File-Find-Rule is an alternative interface to File::Find. Description File-Find-Rule uses the legacy '2-arg' open call which is susceptible to shell injection via malicious filenames. Impact Shell injection may be used to execute arbitrary code using a malicious filename. Workaround...

8.8CVSS8.4AI score0.00736EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 12:58 a.m.7 views

CVE-2022-31037

OroCommerce is an open-source Business to Business Commerce application. Versions between 4.1.0 and 4.1.17 inclusive, 4.2.0 and 4.2.11 inclusive, and between 5.0.0 and 5.0.3 inclusive, are vulnerable to Cross-site Scripting in the UPS Surcharge field of the Shipping rule edit page. The attacker...

6.9CVSS6.3AI score0.00401EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/03/07 12:0 a.m.6 views

The vulnerability of the zlog_rule_s class in the logging library allows a violator to execute arbitrary code.

The vulnerability of the zlogrules class in the zlog logging library is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS6.3AI score0.01699EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/08/24 3:49 p.m.4 views

USN-5580-1 linux-aws vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 It was...

7.8CVSS7AI score0.05542EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2019-0214)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.8AI score0.0184EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2021/12/06 4:15 a.m.3 views

CVE-2021-43043

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The apache user could read arbitrary files such as /etc/shadow by abusing an insecure Sudo rule...

6.5CVSS6.7AI score0.01414EPSS
Exploits1References4
CNVD
CNVD
added 2017/07/21 12:0 a.m.6 views

GLPI 'condition rule' SQL Injection Vulnerability

GLPI is an open source IT resource management suite maintained by the Indepnet Association. The suite includes features such as device status management, asset inventory storage, management processes and work log management. An SQL injection vulnerability exists in the condition rule field in GLP...

8.8CVSS9.6AI score0.0121EPSS
Exploits0References1
Rows per page
Query Builder