7 matches found

Debian CVE
added 2021/09/09 1:10 a.m. | 5 views

CVE-2020-26300

systeminformation is an npm package that provides system and OS information library for node.js. In systeminformation before version 4.26.2 there is a command injection vulnerability. Problem was fixed in version 4.26.2 with a shell string sanitation fix...

9.8 CVSS | 5.8 AI score | 0.01516 EPSS
Exploits 0

Debian CVE
added 2020/12/16 7:30 p.m. | 4 views

CVE-2020-26274

In systeminformation npm package before version 4.31.1 there is a command injection vulnerability. The problem was fixed in version 4.31.1 with a shell string sanitation fix...

8.8 CVSS | 5.8 AI score | 0.01389 EPSS
Exploits 0

OSV
added 2020/11/27 8:15 p.m. | 6 views

CVE-2020-26245

npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototype pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or...

9.8 CVSS | 6.9 AI score
Exploits 0 | References 2

CVE
added 2020/11/27 7:50 p.m. | 89 views

CVE-2020-26245

The CVE concerns the npm package systeminformation (prior to v4.30.5). A Prototype Pollution flaw can lead to Command Injection, with fixes implemented by rewriting shell sanitations to prevent pollution. Affected versions are before 4.30.5; remediation is to upgrade to v4.30.5 (or at least v4.30...

9.8 CVSS | 8.7 AI score | 0.0113 EPSS
Exploits 0 | References 2 | Affected Software 1

Github Security Blog
added 2020/11/27 4:7 p.m. | 45 views

Prototype Pollution in systeminformation

Impact: command injection vulnerability by prototype pollution. Patches: Problem was fixed with a rewrite of shell sanitations to avoid prototype pollution problems. Please upgrade to version = 4.30.2. Workarounds: If you cannot upgrade, be sure to check or sanitize service parameter strings that are...

9.8 CVSS | 3.2 AI score | 0.0113 EPSS
Exploits 0 | References 4 | Affected Software 1

OSV
added 2020/10/27 8:40 p.m. | 23 views

GHSA-FJ59-F6C3-3VW4 Command Injection in systeminformation

Impact: command injection vulnerability. Patches: Problem was fixed with a shell string sanitation fix. Please upgrade to version = 4.26.2. Workarounds: If you cannot upgrade, be sure to check or sanitize service parameter strings that are passed to is.services, is.inetChecksite, si.inetLatency,...

5.9 CVSS | 9.6 AI score | 0.01516 EPSS
Exploits 0 | References 6

seebug.org
added 2014/07/01 12:0 a.m. | 12 views

verlihub <= 0.9.8d-RC2 Remote Command Execution Vulnerability

No description provided by source. verlihub =0.9.8d-RC2 remote r00t / command execution. description: Verlihub is a Direct Connect protocol server; runs...

7.1 AI score
Exploits 0