616 matches found
CVE-2014-0156
CVE-2014-0156 corresponds to an OS command injection in the Ruby gem awesome_spawn (ManageIQ). The vulnerability allows an attacker to execute arbitrary commands when untrusted input is passed as command arguments to AwesomeSpawn.run, via the underlying Kernel.spawn usage. The issue affects versi...
CVE-2014-0156
Awesome spawn contains OS command injection vulnerability, which allows execution of additional commands passed to Awesome spawn as arguments. If untrusted input was included in command arguments, attacker could use this flaw to execute arbitrary command...
Awesome spawn OS Command Injection Vulnerability
Awesome spawn is an open source module from ManageIQ in the US. It provides some useful features on Ruby's Kernel.spawn. A security vulnerability exists in Awesome spawn that stems from the fact that it allows the execution of other commands passed as arguments to Awesome spawn. An attacker can...
Malicious code in grunt-bowerspawn (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3f19c7ffe5b8c7e758f111d8a269b08c66ef7dd51229dae215a6b7ecd967b3db Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Openstack Octavia Access Control Vulnerability
Description An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if...
GHSA-3X62-X456-Q2VM OS Command Injection in git-pull-or-clone
The package git-pull-or-clone before 2.0.2 is vulnerable to Command Injection due to the use of the --upload-pack feature of git which is also supported for git clone. The source includes the use of the secure child process API spawn. However, the outpath parameter passed to it may be a...
CVE-2022-24437
The package git-pull-or-clone before 2.0.2 is vulnerable to Command Injection due to the use of the --upload-pack feature of git which is also supported for git clone. The source includes the use of the secure child process API spawn. However, the outpath parameter passed to it may be a...
PT-2022-10398 · Qualcomm · Snapdragon Connectivity +4
Name of the Vulnerable Software and Affected Versions: Snapdragon Auto affected versions not specified Snapdragon Compute affected versions not specified Snapdragon Connectivity affected versions not specified Snapdragon Industrial IOT affected versions not specified Snapdragon Mobile affected...
HashiCorp Nomad Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HashiCorp Nomad Remote Command Execution', 'Description' = %q Create a batch job on HashiCorp's Nomad service to spawn a shell. The default optio...
Xmind 2020 - XSS to Remote Command Execution Vulnerability
Exploit Title: Xmind 2020 - XSS to RCE Exploit Author: TaurusOmar CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://www.xmind.net/ Version: 2020 Tested on: Windows, Linux, MacOs Software Description: XMind, a full-featured mind mapping and brainstorming tool,...
GNU Guix Backlink Vulnerability
GNU Guix is an open source, cross-platform package manager for the GNU community. A backlink vulnerability exists in GNU guix-daemon that allows an unprivileged user to spawn a build process...
Girsh - Automatically Spawn A Reverse Shell Fully Interactive
Who didn't get bored of manually typing the few lines to upgrade a reverse shell to a full interactive reverse shell tty spawn, stty size ..., stty raw -echo or typing the command to use ConPTY. Description With Girsh, just run it and it will detect the OS and execute the correct commands to...
CentOS 7 : flatpak (RHSA-2021:0411)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0411 advisory. - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the flatpak-portal service that c...
Important: Red Hat Security Advisory: flatpak security update
An update for flatpak is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
RHEL 8 : flatpak (RHSA-2021:0304)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0304 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: sandbox escape via spaw...
Command Injection
Overview total.js is a framework for Node.js platform written in pure JavaScript similar to PHP's Laravel or Python's Django or ASP.NET MVC. It can be used as web, desktop, service or IoT application. Affected versions of this package are vulnerable to Command Injection. The issue occurs in the...
ctf-writeups
This is a PoC exploit for a double free vulnerability in a binary. The exploit creates overlapping chunks on the heap, manipulates heap metadata, and overwrites the __malloc_hook with a one-gadget address to execute /bin/sh. The challenge is interesting because it does not allow the exploitation of...
OS Command Injection
priest-runner is vulnerable to OS command injection. The vulnerability exists as it passes unsanitized input into a spawn call through a POST request into PriestController.prototype.createChild...
Command Injection in priest-runner
All versions of priest-runner are vulnerable to Command Injection. The package fails to sanitize input and passes it directly to a spawn call, which may allow attackers to execute arbitrary code in the system. The PriestController.prototype.createChild function is vulnerable since the spawn...
PYSEC-2020-44
This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the project_configure endpoint, isn’t being sanitized...