18 matches found
EUVD-2025-9626
Malicious code in bioql PyPI...
CVE-2010-10013
An unauthenticated remote command execution vulnerability exists in AjaXplorer now known as Pydio Cells versions prior to 2.6. The flaw resides in the checkInstall.php script within the access.ssh plugin, which fails to properly sanitize user-supplied input to the destServer GET parameter. By...
CVE-2010-10013
CVE-2010-10013 describes an unauthenticated remote command execution in AjaXplorer (now Pydio Cells) versions before 2.6. The vulnerability resides in the checkInstall.php script of the access.ssh plugin, which fails to sanitize input passed to the destServer GET parameter. By injecting shell met...
The vulnerability of the SSH plugin of the JetBrains Toolbox, a set of development tools, allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of the SSH plugin in the JetBrains Toolbox suite is related to incorrect verification of the certificate’s authenticity. Exploiting this vulnerability allows an attacker to compromise the confidentiality and integrity of the protected information...
CVE-2025-43012
In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible...
CVE-2025-43012
In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible...
JetBrains Toolbox 命令注入漏洞
JetBrains Toolbox App is an application for managing JetBrains development tools, providing installation, update, and management capabilities. JetBrains Toolbox App suffers from a command injection vulnerability that stems from the SSH plugin handling input improperly. An attacker could exploit t...
The vulnerability of the Tauri shell plugin framework for creating cross-platform desktop applications relates to insufficient validation of input data. This allows attackers to bypass security restrictions and execute arbitrary code.
The vulnerability of the Tauri framework’s shell plugin for creating cross-platform desktop applications is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute arbitrary code...
CVE-2025-31477
The Tauri shell plugin allows access to the system shell. Prior to 2.2.1, the Tauri shell plugin exposes functionality to execute code and open programs on the system. The open endpoint of this plugin is designed to allow open functionality with the system opener e.g. xdg-open on Linux. This was...
CVE-2025-31477
The Tauri shell plugin allows access to the system shell. Prior to 2.2.1, the Tauri shell plugin exposes functionality to execute code and open programs on the system. The open endpoint of this plugin is designed to allow open functionality with the system opener e.g. xdg-open on Linux. This was...
CVE-2025-31477
CVE-2025-31477 concerns the Tauri shell plugin (prior to 2.2.1). The open endpoint allowed system-opening with protocols like file://, smb://, or nfs:// due to improper validation, enabling remote code execution when untrusted input is passed. Affected: tauri-plugin-shell before version 2.2.1. Mi...
CVE-2025-31477 Improper Scope Validation in the open Endpoint of tauri-plugin-shell
The Tauri shell plugin allows access to the system shell. Prior to 2.2.1, the Tauri shell plugin exposes functionality to execute code and open programs on the system. The open endpoint of this plugin is designed to allow open functionality with the system opener e.g. xdg-open on Linux. This was...
PT-2025-14556 · Tauri · Tauri Shell Plugin
Name of the Vulnerable Software and Affected Versions: Tauri shell plugin versions prior to 2.2.1 Description: The Tauri shell plugin exposes functionality to execute code and open programs on the system. Due to improper validation of allowed protocols, potentially dangerous protocols like file:/...
Exploit for Improper Input Validation in Atlassian Confluence_Data_Center
Confluence Hack CVE-2023-22515 exploit.py Exploit to creat...
CVE-2022-30957
A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
Quiver - Tool To Manage All Of Your Tools For Bug Bounty Hunting And Penetration Testing
Quiver is the tool to manage all of your tools. It's an opinionated and curated collection of commands, notes and scripts for bug bounty hunting and penetration testing. Features ZSH / Oh-My-ZSH shell plugin Tab auto-completion Global variables Prefills the command line, doesn't hide commands fro...
DEBIAN-CVE-2012-4427
The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force the download and installation of arbitrary extensions from extensions.gnome.org via a crafted web page...
CVE-2012-4427
The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force the download and installation of arbitrary extensions from extensions.gnome.org via a crafted web page...