42 matches found
EUVD-2021-16087
Malware in sbrugna...
EUVD-2023-38327
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-13124
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in the web configuration interface that permits an authenticated user to execute arbitrary...
Linux Distros Unpatched Vulnerability : CVE-2021-29488
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SABnzbd is an open source binary newsreader. A vulnerability was discovered in SABnzbd that could trick the filesystem.renamer function into writing downloaded...
CVE-2023-34237
SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Script functionality allows code execution with the privileges of the SABnzbd process. Exploiting the...
CVE-2021-29488
SABnzbd is an open source binary newsreader. A vulnerability was discovered in SABnzbd that could trick the filesystem.renamer function into writing downloaded files outside the configured Download Folder via malicious PAR2 files. A patch was released as part of SABnzbd 3.2.1RC1. As a workaround,...
CVE-2020-13124
SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in the web configuration interface that permits an authenticated user to execute arbitrary Python commands on the underlying operating system...
Linux Distros Unpatched Vulnerability : CVE-2023-34237
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the...
SABnzbd: Remote Code Execution
Background Free and easy binary newsreader with web interface. Description A vulnerability has been discovered in SABnzbd. Please review the CVE identifier referenced below for details. Impact A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the...
GLSA-202312-11 : SABnzbd: Remote Code Execution
The remote host is affected by the vulnerability described in GLSA-202312-11 SABnzbd: Remote Code Execution - SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the...
Remote Code Execution (RCE)
SABnzbd is vulnerable to Remote Code Execution RCE. This vulnerability occurs due to a design flaw in the Notification Script functionality. An attacker can exploit this vulnerability by sending a specially crafted request to the SABnzbd web interface. This can be used to execute arbitrary code o...
CVE-2023-34237
SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Script functionality allows code execution with the privileges of the SABnzbd process. Exploiting the...
DEBIAN-CVE-2023-34237
SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Script functionality allows code execution with the privileges of the SABnzbd process. Exploiting the...
Remote code execution
SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Script functionality allows code execution with the privileges of the SABnzbd process. Exploiting the...
CVE-2023-34237
SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Script functionality allows code execution with the privileges of the SABnzbd process. Exploiting the...
UBUNTU-CVE-2023-34237
SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Script functionality allows code execution with the privileges of the SABnzbd process. Exploiting the...
CVE-2023-34237 Remote code execution via specially crafted script settings in SABnzbd
SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Script functionality allows code execution with the privileges of the SABnzbd process. Exploiting the...
CVE-2023-34237
SABnzbd (Usenet downloader) is affected by CVE-2023-34237 due to a design flaw in the Notification Script parameters that enables remote code execution with SABnzbd process privileges. Exploitation requires access to the web interface; remote access is possible if the instance is exposed to the i...
CVE-2023-34237 Remote code execution via specially crafted script settings in SABnzbd
SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Script functionality allows code execution with the privileges of the SABnzbd process. Exploiting the...
CVE-2023-34237
SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Script functionality allows code execution with the privileges of the SABnzbd process. Exploiting the...