18 matches found

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2025-9626

Malicious code in bioql PyPI...

CVSS 9.8 · AI score 6.3 · EPSS 0.00885
Exploits 1 · References 3

RedhatCVE
added 2025/08/10 6:14 p.m. · 21 views

CVE-2010-10013

An unauthenticated remote command execution vulnerability exists in AjaXplorer now known as Pydio Cells versions prior to 2.6. The flaw resides in the checkInstall.php script within the access.ssh plugin, which fails to properly sanitize user-supplied input to the destServer GET parameter. By...

CVSS 9.3 · AI score 8 · EPSS 0.01076
Exploits 0 · References 1

CVE
added 2025/08/08 6:9 p.m. · 26 views

CVE-2010-10013

CVE-2010-10013 describes an unauthenticated remote command execution in AjaXplorer (now Pydio Cells) versions before 2.6. The vulnerability resides in the checkInstall.php script of the access.ssh plugin, which fails to sanitize input passed to the destServer GET parameter. By injecting shell met...

CVSS 9.3 · AI score 7.7 · EPSS 0.01076
Exploits 0 · References 5

BDU FSTEC
added 2025/04/24 12:0 a.m. · 6 views

The vulnerability of the SSH plugin of the JetBrains Toolbox, a set of development tools, allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the SSH plugin in the JetBrains Toolbox suite is related to incorrect verification of the certificate’s authenticity. Exploiting this vulnerability allows an attacker to compromise the confidentiality and integrity of the protected information...

CVSS 4.2 · AI score 5.5 · EPSS 0.00161
Exploits 0 · References 2 · Affected Software 1

ATTACKERKB
added 2025/04/17 4:15 p.m. · 2 views

CVE-2025-43012

In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible...

CVSS 9.8 · AI score 5.8 · EPSS 0.00663
Exploits 0 · References 2

OSV
added 2025/04/17 4:15 p.m. · 6 views

CVE-2025-43012

In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible...

CVSS 9.8 · AI score 5.8 · EPSS 0.00663
Exploits 0 · References 1

CNNVD
added 2025/04/17 12:0 a.m. · 5 views

JetBrains Toolbox command injection vulnerability

JetBrains Toolbox App is an application for managing JetBrains development tools, providing installation, update, and management capabilities. JetBrains Toolbox App suffers from a command injection vulnerability that stems from the SSH plugin handling input improperly. An attacker could exploit t...

CVSS 9.8 · AI score 8.3 · EPSS 0.00663
Exploits 0 · References 1

BDU FSTEC
added 2025/04/08 12:0 a.m. · 7 views

The vulnerability of the Tauri shell plugin framework for creating cross-platform desktop applications relates to insufficient validation of input data. This allows attackers to bypass security restrictions and execute arbitrary code.

The vulnerability of the Tauri framework’s shell plugin for creating cross-platform desktop applications is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute arbitrary code...

CVSS 10 · AI score 5.8 · EPSS 0.00885
Exploits 1 · References 4 · Affected Software 1

RedhatCVE
added 2025/04/04 9:34 p.m. · 20 views

CVE-2025-31477

The Tauri shell plugin allows access to the system shell. Prior to 2.2.1, the Tauri shell plugin exposes functionality to execute code and open programs on the system. The open endpoint of this plugin is designed to allow open functionality with the system opener e.g. xdg-open on Linux. This was...

CVSS 9.8 · AI score 8.4 · EPSS 0.00885
Exploits 1 · References 1

NVD
added 2025/04/02 10:15 p.m. · 25 views

CVE-2025-31477

The Tauri shell plugin allows access to the system shell. Prior to 2.2.1, the Tauri shell plugin exposes functionality to execute code and open programs on the system. The open endpoint of this plugin is designed to allow open functionality with the system opener e.g. xdg-open on Linux. This was...

CVSS 9.8 · EPSS 0.00885
Exploits 1 · References 2

CVE
added 2025/04/02 9:10 p.m. · 102 views

CVE-2025-31477

CVE-2025-31477 concerns the Tauri shell plugin (prior to 2.2.1). The open endpoint allowed system-opening with protocols like file://, smb://, or nfs:// due to improper validation, enabling remote code execution when untrusted input is passed. Affected: tauri-plugin-shell before version 2.2.1. Mi...

CVSS 9.8 · AI score 8.3 · EPSS 0.00885
Exploits 1 · References 2 · Affected Software 1

OSV
added 2025/04/02 9:10 p.m. · 15 views

CVE-2025-31477 Improper Scope Validation in the open Endpoint of tauri-plugin-shell

The Tauri shell plugin allows access to the system shell. Prior to 2.2.1, the Tauri shell plugin exposes functionality to execute code and open programs on the system. The open endpoint of this plugin is designed to allow open functionality with the system opener e.g. xdg-open on Linux. This was...

CVSS 9.3 · AI score 8.1 · EPSS 0.00885
Exploits 1 · References 4

Positive Technologies
added 2025/04/02 12:0 a.m. · 7 views

PT-2025-14556 · Tauri · Tauri Shell Plugin

Name of the Vulnerable Software and Affected Versions: Tauri shell plugin versions prior to 2.2.1
Description: The Tauri shell plugin exposes functionality to execute code and open programs on the system. Due to improper validation of allowed protocols, potentially dangerous protocols like file:/...

CVSS 10 · AI score 7.4 · EPSS 0.00885
Exploits 1 · References 14

GithubExploit
added 2023/10/30 12:17 a.m. · 64 views

Exploit for Improper Input Validation in Atlassian Confluence_Data_Center

Confluence Hack CVE-2023-22515 exploit.py Exploit to creat...

CVSS 10 · AI score 9.9 · EPSS 0.99156
Exploits 39

ATTACKERKB
added 2022/05/17 3:15 p.m. · 2 views

CVE-2022-30957

A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

CVSS 4.3 · AI score 5.8 · EPSS 0.00684
Exploits 0 · References 3

Kitploit
added 2020/07/24 12:30 p.m. · 31 views

Quiver - Tool To Manage All Of Your Tools For Bug Bounty Hunting And Penetration Testing

Quiver is the tool to manage all of your tools. It's an opinionated and curated collection of commands, notes and scripts for bug bounty hunting and penetration testing. Features ZSH / Oh-My-ZSH shell plugin Tab auto-completion Global variables Prefills the command line, doesn't hide commands fro...

AI score 7.2
Exploits 0 · References 1

OSV
added 2012/10/01 3:26 a.m. · 2 views

DEBIAN-CVE-2012-4427

The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force the download and installation of arbitrary extensions from extensions.gnome.org via a crafted web page...

CVSS 6.8 · AI score 7 · EPSS 0.01287
Exploits 1 · References 1

OSV
added 2012/10/01 3:26 a.m. · 7 views

CVE-2012-4427

The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force the download and installation of arbitrary extensions from extensions.gnome.org via a crafted web page...

AI score 6.6
Exploits 0 · References 7