CVE-2026-42408 BIG-IP DNS tmsh vulnerability

When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed TMOS Shell tmsh command that may allow a highly privileged authenticated attacker to view sensitive information. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

EUVD-2022-51038

Malicious code in bioql PyPI...

GHSA-MQCP-P2HV-VW6X Withdrawn Advisory: Thor can construct an unsafe shell command from library input.

Withdrawn Advisory This advisory has been withdrawn because the method described can only be used with arguments that are controlled by Thor, and an external attacker cannot access the functionality described in the body of the CVE. This link is maintained to preserve external references. Origina...

CVE-2025-54314

Thor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because "the method that was fixed can only be used with arguments that are controlled by Thor, and there is no way an attacker can take control of those arguments."...

CVE-2025-54314

Thor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because "the method that was fixed can only be used with arguments that are controlled by Thor, and there is no way an attacker can take control of those arguments."...

CVE-2021-23154

In Lens prior to 5.3.4, custom helm chart configuration creates helm commands from string concatenation of provided arguments which are then executed in the user's shell. Arguments can be provided which cause arbitrary shell commands to run on the system...

Pygments FontManager._get_nix_font_path Shell Injection Vulnerability

Pygments FontManager.getnixfontpath version 1.2.2-2.0.2 suffers from a shell injection vulnerability. Shell Injection in Pygments FontManager.getnixfontpath Product: Pygments Version: 1.2.2-2.0.2 497:fe62167596bb to 3693:655dbebddc23 Tue Nov 06 17:30:45 2007 +0000 to Aug 21, 2015. Website:...

GLSA-200411-33 : TWiki: Arbitrary command execution

The remote host is affected by the vulnerability described in GLSA-200411-33 TWiki: Arbitrary command execution The TWiki search function, which uses a shell command executed via the Perl backtick operator, does not properly escape shell metacharacters in the user-provided search string. Impact :...

SCAN Associates Advisory: Molly 0.5 - Remote Command Execution

Molly 0.5 - Remote Command Execution Discovered By guejez of scan-associates.net About Molly: ------------------ quote from Molly homepage "Molly is a small, simple IRC bot that I use for intra-office communication. She will handle lunch menus, stock quotes, take polls and stuff like that." /quot...

Marcus S. Xenakis "directory.php" allows arbitrary code execution

------------------------------------------------------------ itcp advisory 3 [email protected] http://www.it-checkpoint.net/advisory/3.html March 10th, 2002 ------------------------------------------------------------ Marcus S. Xenakis "directory.php" allows arbitrary code execution...