CVE-2020-15272

In the git-tag-annotation-action open source GitHub Action before version 1.0.1, an attacker can execute arbitrary shell commands if they can control the value of the tag input or manage to alter the value of the GITHUBREF environment variable. The problem has been patched in version 1.0.1. If yo...

CVE-2020-15271

In lookatme (Python/pypi) versions prior to 2.3.0, the package automatically loaded the built-in terminal and file_loader extensions. Rendering untrusted Markdown could cause malicious shell commands to run on the user’s system. This is fixed in version 2.3.0. As a workaround, the files lookatme/...

CVE-2020-15271 Shell Command Execution in lookatme

In lookatme python/pypi package versions prior to 2.3.0, the package automatically loaded the built-in "terminal" and "fileloader" extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. ...

openSUSE Security Update : cifs-utils (openSUSE-2020-1579)

This update for cifs-utils fixes the following issues : - CVE-2020-14342: Fixed a shell command injection vulnerability in mount.cifs bsc1174477. - Fixed an invalid free in mount.cifs; bsc1152930. This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Network Security,...

CVE-2020-14293

confdatetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field obtained from the web interface...

openSUSE: Security Advisory for cifs-utils (openSUSE-SU-2020:1579-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for cifs-utils (moderate)

openSUSE Security Update: Security update for cifs-utils Announcement ID: openSUSE-SU-2020:1579-1 Rating: moderate References: 1152930 1174477 Cross-References: CVE-2020-14342 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has one errata is now available...

SUSE-SU-2020:2728-1 Security update for cifs-utils

This update for cifs-utils fixes the following issues: - CVE-2020-14342: Fixed a shell command injection vulnerability in mount.cifs bsc1174477...

Exploit for Incorrect Calculation in Google Android

...

vBulletin 5.x Remote Code Execution

!/usr/bin/env python3 vBulletin 5.x pre-auth widgettabbedContainer RCE exploit by @zenofex import argparse import requests import sys def runexploitvbloc, shellcmd: postdata = 'subWidgets0template' : 'widgetphp', 'subWidgets0configcode' : "echo shellexec'%s'; exit;" % shellcmd r =...

Node.js third-party modules: [freespace] Command Injection due to Lack of Sanitization

I would like to report Command Injection in the freespace module. It allows an attacker to inject and execute shell commands on Unix based systems. Module module name: freespace version: 1.0.4 npm page: https://www.npmjs.com/package/freespace Module Description A library that tells you how much...

Node.js third-party modules: [@knutkirkhorn/free-space] - Command Injection through Lack of Sanitization

I would like to report Command Injection in the free-space module. It allows arbitrary shell command execution on Unix-based systems Module module name: free-space version: 1.2.0 npm page: https://www.npmjs.com/package/free-space Module Description Get the amount of free space for a drive Module...

Valve: Shell command injection in https://partner.steamgames.com/admin/game/publish/ via screenshot URL

Shell command injection in https://partner.steamgames.com/admin/game/publish/ via screenshot URL The vulnerability allowed insufficient validation of parameters, which permitted the injection of shell metacharacters into values used to construct a Bash command...

SNMP Trap Translator: Multiple vulnerabilities

Background SNMP Trap Translator SNMPTT is an SNMP trap handler written in Perl. Description It was found that SNMP Trap Translator does not drop privileges as configured and does not properly escape shell commands in certain functions. Impact A remote attacker, by sending a malicious crafted SNMP...

Valve: Shell command injection in https://partner.steamgames.com/bundles/savestore/ via overwriting asset_path_identifier

Shell command injection in https://partner.steamgames.com/bundles/savestore/ via overwriting assetpathidentifier. Insufficient validation of parameters allowed injecting shell metacharacters into values used to construct a Bash command...

CVE-2020-3332 Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Command Shell Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker to inject arbitrary shell commands that are executed by an affected device. The vulnerability is due to insufficient input...

Arbitrary shell command execution in logkitty

Lack of output sanitization allowed an attack to execute arbitrary shell commands via the logkitty npm package before version 0.7.1...

GHSA-V8V8-6859-QXM4 Arbitrary shell command execution in logkitty

Lack of output sanitization allowed an attack to execute arbitrary shell commands via the logkitty npm package before version 0.7.1...

Input validation

A vulnerability in the implementation of the inter-VM channel of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an unauthenticated, adjacent attacker to execute arbitrary shell comman...

MCIR

This is a collection of intentionally vulnerable applications for testing code injection vulnerabilities. The applications are designed to be used in a trusted web environment and should not be published on a production server or exposed to the internet. The applications include: CryptOMG: A...