340 matches found
SUDO_EXPLOIT_CHECKER
It is an offensive tool for Linux. This repository contains a pr...
EUVD-2024-24401
Malicious code in bioql PyPI...
EUVD-2025-19118
Malicious code in bioql PyPI...
EUVD-2025-18445
Malicious code in bioql PyPI...
EUVD-2025-25253
Malicious code in bioql PyPI...
xss-Finder
This repository contains two files one is a vulnerable pa...
GHSA-3VCP-R62V-XPVG Apache DolphinScheduler vulnerable to Alert Script Attack
Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can execute any shell script server by alert script. This issue affects Apache DolphinScheduler: before 3.2.2. Users are recommended to upgrade to version 3.3.1, which fixes the issue...
Apache DolphinScheduler vulnerable to Alert Script Attack
Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can execute any shell script server by alert script. This issue affects Apache DolphinScheduler: before 3.2.2. Users are recommended to upgrade to version 3.3.1, which fixes the issue...
Apache DolphinScheduler Code Execution Vulnerability
Apache DolphinScheduler is a modern data scheduling platform from the Apache USA Foundation. A code execution vulnerability exists in Apache DolphinScheduler versions prior to 3.2.2 due to improper input validation. An attacker can exploit this vulnerability to execute arbitrary shell scripts on...
CVE-2024-43115
Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can execute any shell script server by alert script. This issue affects Apache DolphinScheduler: before 3.2.2. Users are recommended to upgrade to version 3.3.1, which fixes the issue...
CVE-2024-43115
Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can execute any shell script server by alert script. This issue affects Apache DolphinScheduler: before 3.2.2. Users are recommended to upgrade to version 3.3.1, which fixes the issue...
CVE-2024-43115 Apache DolphinScheduler: Alert Script Attack
Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can execute any shell script server by alert script. This issue affects Apache DolphinScheduler: before 3.2.2. Users are recommended to upgrade to version 3.3.1, which fixes the issue...
CVE-2024-43115 Apache DolphinScheduler: Alert Script Attack
Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can execute any shell script server by alert script. This issue affects Apache DolphinScheduler: before 3.2.2. Users are recommended to upgrade to version 3.3.1, which fixes the issue...
CVE-2024-43115
CVE-2024-43115 affects Apache DolphinScheduler (pre-3.2.2). The issue is due to improper input validation, permitting an authenticated user to trigger execution of arbitrary shell scripts via the alert script. Upgrading to 3.3.1 is recommended and fixes the vulnerability. There is no exploitation...
PT-2025-35703
Name of the Vulnerable Software and Affected Versions: Apache DolphinScheduler versions prior to 3.2.2 Description: An authenticated user can execute any shell script on the server through the alert script functionality due to improper input validation. Recommendations: Upgrade to version 3.3.1...
Shell Script Compiler 安全漏洞
Shell Script Compiler is a shell script compiler by the individual developer Md Jahidul Hamid. A security vulnerability exists in Shell Script Compiler 4.0.3 and earlier versions, which stems from improper handling of environment variables and can lead to os command injection...
CVE-2025-9175
A vulnerability was identified in neurobin shc up to 4.0.3. This issue affects the function make of the file src/shc.c. The manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used...
Shell Script Compiler 命令注入漏洞
Shell Script Compiler is a Shell Script Compiler by the individual developer Md Jahidul Hamid. A command injection vulnerability exists in Shell Script Compiler version 4.0.3 and earlier, which stems from an os command injection in the file src/shc.c function make in the component Filename Handle...
Shell Script Compiler 安全漏洞
Shell Script Compiler is a Shell Script Compiler by the individual developer Md Jahidul Hamid. A security vulnerability exists in Shell Script Compiler version 4.0.3 and earlier, which stems from a stack buffer overflow in the file src/shc.c function make...
curl: Unsafe Global IFS Modification in OS400 Shell Script Enables Command Injection and Parsing Flaws (CWE-78/CWE-20)
In the curl source repository, the OS400 initialization script packages/OS400/make-incs.sh modifies the global shell variable IFS Internal Field Separator without local scoping or restoration. This pattern exposes users and CI/CD systems to unintended parsing, command injection, and logic errors ...