31171 matches found
PT-2026-28261
Name of the Vulnerable Software and Affected Versions River Past CamDo version 3.7.6 Description The software contains a structured exception handler SEH buffer overflow. Local attackers can execute arbitrary code by providing a malicious string in the Lame enc.dll name field. Attackers can creat...
📄 pdf-image 2.0.0 Command Injection
pdf-image through version 2.0.0 allows OS command injection via the pdfFilePath argument. The package builds shell command strings with util.format and executes them with childprocess.exec. If an application passes an attacker-controlled file path into PDFImage, shell metacharacters in that path...
Command Injection
Overview openhands-ai is an OpenHands: Code Less, Make More Affected versions of this package are vulnerable to Command Injection via the getgitdiff method. An attacker can execute arbitrary commands, read sensitive files, write arbitrary files, establish persistent access, or potentially escape...
OpenHands is Vulnerable to Command Injection through its Git Diff Handler
Summary A Command Injection vulnerability exists in the getgitdiff method at openhands/runtime/utils/githandler.py:134. The path parameter from the /api/conversations/conversationid/git/diff API endpoint is passed unsanitized to a shell command, allowing authenticated attackers to execute arbitra...
GHSA-7H8W-HJ9J-8RJW OpenHands is Vulnerable to Command Injection through its Git Diff Handler
Summary A Command Injection vulnerability exists in the getgitdiff method at openhands/runtime/utils/githandler.py:134. The path parameter from the /api/conversations/conversationid/git/diff API endpoint is passed unsanitized to a shell command, allowing authenticated attackers to execute arbitra...
CVE-2026-27602
Modoboa is a mail hosting and management platform. Prior to version 2.7.1, execcmd in modoboa/lib/sysutils.py always runs subprocess calls with shell=True. Since domain names flow directly into shell command strings without any sanitization, a Reseller or SuperAdmin can include shell metacharacte...
CVE-2026-27602 Modoboa has an OS Command Injection
Modoboa is a mail hosting and management platform. Prior to version 2.7.1, execcmd in modoboa/lib/sysutils.py always runs subprocess calls with shell=True. Since domain names flow directly into shell command strings without any sanitization, a Reseller or SuperAdmin can include shell metacharacte...
CVE-2026-27602
Modoboa is a mail hosting and management platform. Prior to version 2.7.1, execcmd in modoboa/lib/sysutils.py always runs subprocess calls with shell=True. Since domain names flow directly into shell command strings without any sanitization, a Reseller or SuperAdmin can include shell metacharacte...
CVE-2026-27602 Modoboa has an OS Command Injection
Modoboa is a mail hosting and management platform. Prior to version 2.7.1, execcmd in modoboa/lib/sysutils.py always runs subprocess calls with shell=True. Since domain names flow directly into shell command strings without any sanitization, a Reseller or SuperAdmin can include shell metacharacte...
EUVD-2026-15888
Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr-sync allows Upload a Web Shell to a Web Server.This issue affects Photo Engine: from n/a through = 6.4.9...
EUVD-2026-15823
Unrestricted Upload of File with Dangerous Type vulnerability in deothemes Ona ona allows Upload a Web Shell to a Web Server.This issue affects Ona: from n/a through 1.24...
EUVD-2026-15463
thumbler through 1.1.2 allows OS command injection via the input, output, time, or size parameter in the thumbnail function because user input is concatenated into a shell command string passed to childprocess.exec without proper sanitization or escaping...
EUVD-2026-15461
node-tesseract-ocr is an npm package that provides a Node.js wrapper for Tesseract OCR. In all versions through 2.2.1, the recognize function in src/index.js is vulnerable to OS Command Injection. The file path parameter is concatenated into a shell command string and passed to childprocess.exec...
GHSA-8J44-735H-W4W2 node-tesseract-ocr is vulnerable to OS Command Injection through unsanitized recognize() function parameter
node-tesseract-ocr is an npm package that provides a Node.js wrapper for Tesseract OCR. In all versions through 2.2.1, the recognize function in src/index.js is vulnerable to OS Command Injection. The file path parameter is concatenated into a shell command string and passed to childprocess.exec...
GHSA-MVHF-547C-H55R thumbler allows OS Command Injection
thumbler through 1.1.2 allows OS command injection via the input, output, time, or size parameter in the thumbnail function because user input is concatenated into a shell command string passed to childprocess.exec without proper sanitization or escaping...
thumbler allows OS Command Injection
thumbler through 1.1.2 allows OS command injection via the input, output, time, or size parameter in the thumbnail function because user input is concatenated into a shell command string passed to childprocess.exec without proper sanitization or escaping...
EUVD-2026-15429
A vulnerability in the Secure Copy Protocol SCP server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of a malformed SCP request. An...
CVE-2026-33724
n8n is an open source workflow automation platform. Prior to version 2.5.0, when the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host key verification. A network attacker positioned between the n8n instance and the remote Git server...
CVE-2026-33724 n8n's Source Control SSH Configuration Uses StrictHostKeyChecking=no
n8n is an open source workflow automation platform. Prior to version 2.5.0, when the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host key verification. A network attacker positioned between the n8n instance and the remote Git server...
EUVD-2026-14484
AVideo Vulnerable to OS Command Injection via Unsanitized usersid and liveTransmitionHistoryid in Restreamer Log File Path...