16 matches found
PT-2026-45865
Name of the Vulnerable Software and Affected Versions warmcat libwebsockets versions prior to 4.5.9 Description A flaw in the SSH Protocol Handler component allows for remote resource consumption. The issue exists within the lws ssh parse plaintext function located in the plugins/protocol lws ssh...
CVE-2026-30303
CVE-2026-30303 affects Axon Code’s command auto-approval module. The root cause is the incorrect use of a Unix-based shell-quote parser to analyze commands on Windows, combined with improper handling of Windows CMD escape sequences (^). Attackers can craft payloads such as git log ^" & malicious_...
EUVD-2024-47483
Malicious code in bioql PyPI...
Wireshark 代码问题漏洞
Wireshark formerly known as Ethereal is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A code issue vulnerability exists in Wireshark versions 4.4.0 through 4.4.8, which stem...
GHSA-JXR4-4PRV-MH83 ejson shell parser in MongoDB Compass maybe bypassed
MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling. This issue affects MongoDB Compass versions prior to version 1.42.2...
ejson shell parser in MongoDB Compass maybe bypassed
MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling. This issue affects MongoDB Compass versions prior to version 1.42.2...
CVE-2024-6376
MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling. This issue affects MongoDB Compass versions prior to version 1.42.2...
CVE-2024-6376
CVE-2024-6376 affects MongoDB Compass prior to 1.42.2. The issue arises from insufficient sandbox protection when using the ejson shell parser in Compass’ connection handling, potentially enabling code injection. Evidence across sources confirms the vulnerability is associated with Compass’ GUI a...
CVE-2024-6376 ejson shell parser in MongoDB Compass maybe bypassed
MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling. This issue affects MongoDB Compass versions prior to version 1.42.2...
CVE-2024-6376 ejson shell parser in MongoDB Compass maybe bypassed
MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling. This issue affects MongoDB Compass versions prior to version 1.42.2...
ejson shell parser in MongoDB Compass maybe bypassed
MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling. This issue affects MongoDB Compass versions prior to version 1.42.2...
MongoDB Compass Security Vulnerability
MongoDB Compass is a free interactive tool from the US-based MongoDB Inc. for querying, optimizing and analyzing MongoDB data. A security vulnerability previously existed in MongoDB Compass version 1.42.2, which stemmed from a possible bypass of the ejson shell parser...
PT-2023-9237 · Mongodb · Mongodb Compass
Name of the Vulnerable Software and Affected Versions: MongoDB Compass versions prior to 1.42.2 Description: The issue is related to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling, which may allow attackers to execute malicious code o...
[SECURITY] Fedora 36 Update: golang-mvdan-sh-3-3.4.3-5.fc36
A shell parser, formatter, and interpreter. Supports POSIX Shell, Bash, and mksh...
[SECURITY] Fedora 35 Update: golang-mvdan-sh-3-3.4.3-4.fc35
A shell parser, formatter, and interpreter. Supports POSIX Shell, Bash, and mksh...
Ntop nDPI Input Validation Error Vulnerability
Ntop nDPI is an open source library for deep packet inspection from Ntop Italy. An input validation error vulnerability exists in the SSH protocol parser in Ntop nDPI 3.2 Stable and prior versions, which can be exploited by attackers to execute code or perform network traffic analysis...