21 matches found
cockpit: Unauthenticated remote code execution due to SSH command-line argument injection
An update is available for cockpit. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Cockpit enables users to administer GNU/Linux servers using a web browser. I...
cockpit: Cockpit: Unauthenticated remote code execution due to SSH command-line argument injection
Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...
cockpit: Cockpit: Unauthenticated remote code execution due to SSH command-line argument injection
Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...
RHEL 10 : cockpit: Unauthenticated remote code execution due to SSH command-line argument injection (Critical) (RHSA-2026:7381)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:7381 advisory. Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports,...
CVE-2026-4631
CVE-2026-4631 affects Cockpit: unauthenticated remote code execution via SSH command-line argument injection in the remote login flow. The web interface passes user-supplied hostnames/usernames to the SSH client without validation, allowing a network-connected attacker to send a single HTTP reque...
CVE-2026-32094
Shescape is a simple shell escape library for JavaScript. Prior to 2.1.10, Shescapeescape does not escape square-bracket glob syntax for Bash, BusyBox sh, and Dash. Applications that interpolate the return value directly into a shell command string can cause an attacker-controlled value like...
CVE-2025-32821
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance...
CVE-2025-32821
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance...
SUSE CVE-2019-16255
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument aka the "command" argument to Shell or Shelltest in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method...
PT-2022-15762 · Western Digital · Western Digital My Cloud
Name of the Vulnerable Software and Affected Versions: Western Digital My Cloud Devices affected versions not specified Description: A command injection remote code execution issue was discovered that could allow an attacker to execute arbitrary system commands on the device. The issue was...
ruby: Code injection via command argument of Shell#test / Shell#[]
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument aka the "command" argument to Shell or Shelltest in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method...
DEBIAN-CVE-2019-16255
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument aka the "command" argument to Shell or Shelltest in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method...
CVE-2019-9794
A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell handler for URLs. This could be used to retrieve and execute files whose location is supplied through these command line arguments if Firefox is configured as the...
UBUNTU-CVE-2017-5207
Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument...
ImageMagick driver does not escape all shell arguments.
More info at https://fuelphp.com/security-advisories...
Fedora 21 : lsyncd-2.1.5-6.fc21 (2014-15338)
Fix bad shell argument escaping Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora 20 : lsyncd-2.1.4-4.fc20.1 (2014-15393)
Fix bad shell argument escaping Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
RHEL 2.1 : mod_auth_any (RHSA-2003:114)
Updated modauthany packages are available for Red Hat Enterprise Linux. These updated packages fix vulnerabilities associated with the manner in which modauthany escapes shell arguments when calling external programs. The Web server module modauthany allows the Apache httpd server to call arbitra...
phpEscape.txt
SEC-CONSULT Security Advisory - PHP: Hypertext Preprocessor Vendor: PHP http://www.php.net Product: PHP 4.3.6 and below verified in 4.3.5 which was current when the bug was discovered Vendor status: vendor contacted 04-04-2004 Patch status: Problem fixed in 4.3.7 =========== DESCRIPTION =========...
BitKeeper remote shell command execution/local vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Synopsis: BitKeeper remote shell command execution/local vulnerability Product: BitKeeper http://www.bitkeeper.com Version: 3.0.x Author: Maurycy Prodeus [email protected] Date: 11 November 2002 Issue: - ------ BitKeeper is a source management software. It...