616 matches found
PT-2024-4625 · Node.Js +1 · Node.Js +1
Name of the Vulnerable Software and Affected Versions: Node.js versions up to 18.20.3 Node.js versions up to 20.15.0 Node.js versions up to 22.4.0 Description: The issue arises from improper handling of batch files with all possible extensions on Windows via child process.spawn / child...
DEBIAN-CVE-2021-47337
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 "scsi: core: Fix error handling of scsihostalloc" changed the allocation logic to call putdevice to perform host cleanup with the...
CVE-2021-47337
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 "scsi: core: Fix error handling of scsihostalloc" changed the allocation logic to call putdevice to perform host cleanup with the...
CVE-2021-47337
The CVE-2021-47337 issue is in the Linux kernel SCSI core path: when an error arises during scsi_host_alloc() and the error-handling ehandler thread fails to spawn, shost->ehandler may be set to ERR_PTR(-ENOMEM) and scsi_host_dev_release() would call kthread_stop() on a NULL/invalid pointer, r...
SUSE CVE-2024-27980
Due to the improper handling of batch files in childprocess.spawn / childprocess.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled...
Improper Control of Generation of Code ('Code Injection')
Overview Affected versions of this package are vulnerable to Improper Control of Generation of Code 'Code Injection' due to the improper handling of batch files in childprocess.spawn or childprocess.spawnSync. An attacker can inject arbitrary commands and achieve code execution even if the shell...
Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws
Multiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893. The clusters are being tracked by Mandiant under the uncategorized monikers UNC5221, UNC5266, UNC5291, UNC5325,...
PT-2024-5241 · Node.Js +1 · Node.Js +1
Name of the Vulnerable Software and Affected Versions: Node.js versions 18.x, 20.x, and 21.x Description: The issue is related to the improper handling of batch files in child process.spawn and child process.spawnSync on Windows platforms. This allows a malicious command line argument to inject...
PT-2023-9813
Name of the Vulnerable Software and Affected Versions cross-spawn versions prior to 7.0.5 Description The issue is related to a Regular Expression Denial of Service ReDoS in the cross-spawn package. This occurs due to improper input sanitization, allowing an attacker to craft a large and...
Environment variables still accessible through /proc
Impact Environment variables can be read from procfs unless a new process is started. PoC use birdcage::Birdcage, Sandbox; use std::env, fs; fn main Birdcage::new.lock.unwrap; asserteq!env::varos"SECRET", None; let environ = fs::readtostring"/proc/self/environ".unwrap;...
Uptime Kuma Authenticated remote code execution via TailscalePing
Summary The runTailscalePing method of the TailscalePing class injects the hostname parameter inside a shell command, leading to a command injection and the possibility to run arbitrary commands on the server. Details When adding a new monitor on Uptime Kuma, we can select the "Tailscale Ping"...
PT-2023-33027 · Unknown · Uptime Kuma
Name of the Vulnerable Software and Affected Versions: Uptime Kuma affected versions not specified Description: The issue concerns a command injection vulnerability in Uptime Kuma. Specifically, the runTailscalePing method of the TailscalePing class injects the hostname parameter inside a shell...
nodejs: Permissions policies can be bypassed via process.binding
A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding'spawnsync' to run arbitrary code outside of the limits defined in a...
nodejs: Permissions policies can be bypassed via process.binding
A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding'spawnsync' to run arbitrary code outside of the limits defined in a...
nodejs: Permissions policies can be bypassed via process.binding
A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding'spawnsync' to run arbitrary code outside of the limits defined in a...
nodejs: Permissions policies can be bypassed via process.binding
A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding'spawnsync' to run arbitrary code outside of the limits defined in a...
nodejs: Permissions policies can be bypassed via process.binding
A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding'spawnsync' to run arbitrary code outside of the limits defined in a...
nodejs: Permissions policies can be bypassed via process.binding
A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding'spawnsync' to run arbitrary code outside of the limits defined in a...
A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x 18.x and 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` run arbitrary code outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued the policy is an experimental feature of Node.js.
...
DEBIAN-CVE-2023-32559
A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API process.binding can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding'spawnsyn...