Lucene search
K

14 matches found

VulnCheck KEV
VulnCheck KEV
added 2025/10/20 12:0 a.m.5 views

VulnCheck KEV: CVE-2022-28054

Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...

9.8CVSS6.2AI score0.29738EPSS
In wildExploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-32540

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.29738EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/13 3:34 a.m.4 views

Malicious code in jenkins-trigger-actio (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/13 2:52 a.m.4 views

Malicious code in jenkins-trigger-action (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis fedbad1242e09329c414a95c493ce62c39c15cad4472ef5fc4a8b9b836834fb4 The OpenSSF Package Analysis project identified...

7.1AI score
Exploits0
OSV
OSV
added 2025/08/13 2:52 a.m.3 views

MAL-2025-6937 Malicious code in jenkins-trigger-action (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis fedbad1242e09329c414a95c493ce62c39c15cad4472ef5fc4a8b9b836834fb4 The OpenSSF Package Analysis project identified...

7.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:40 p.m.6 views

CVE-2022-28054

Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...

9.8CVSS7.8AI score0.29738EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/05/02 2:15 p.m.5 views

CVE-2022-28054

Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...

9.8CVSS6.2AI score0.29738EPSS
Exploits0References2
OSV
OSV
added 2022/05/02 2:15 p.m.4 views

CVE-2022-28054

Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...

9.8CVSS7.6AI score0.29738EPSS
Exploits0References1
NVD
NVD
added 2022/05/02 2:15 p.m.25 views

CVE-2022-28054

Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...

9.8CVSS0.29738EPSS
Exploits0References1
CVE
CVE
added 2022/05/02 1:33 p.m.87 views

CVE-2022-28054

The CVE-2022-28054 entry affects VanDyke Software VShell for Windows 4.6.2. The root cause is improper sanitization/cleanup of trigger action scripts, which enables an attacker to execute arbitrary code by supplying a crafted value. Impact is high: remote code execution with network access and no...

9.8CVSS9.5AI score0.29738EPSS
In wildExploits0References1Affected Software1
Cvelist
Cvelist
added 2022/05/02 1:33 p.m.29 views

CVE-2022-28054

Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...

9.8AI score0.29738EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/05/02 12:0 a.m.7 views

PT-2022-18781 · Vandyke · Vshell For Windows

Name of the Vulnerable Software and Affected Versions: VanDyke Software VShell for Windows version 4.6.2 Description: The issue is related to improper sanitization of trigger action scripts, allowing attackers to execute arbitrary code via a crafted value. Recommendations: For VanDyke Software...

9.8CVSS9.5AI score0.29738EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/05/02 12:0 a.m.4 views

VanDyke Software VShell for Windows 安全漏洞

VanDyke Software VShell for Windows is used for multi-protocol secure file transfer by USA Vandyke Software. A security vulnerability exists in VanDyke Software VShell for Windows version 4.6.2, which originates from improper cleanup of trigger action scripts. An attacker could exploit the...

9.8CVSS8.9AI score0.29738EPSS
Exploits0References2
securityvulns
securityvulns
added 2007/01/04 12:0 a.m.95 views

Adobe reader plugin PDF files universal crossite scripting

By using URIs like http://path/to/pdf/file.pdfwhatevernameyouwant=javascript:yourcodehere it's possible to execute code in context of any Web site where at least one PDF is stored. 2. By using "trigger action" in PDF document it's possible to execute code in context of the web page where...

7.5CVSS0.7AI score0.55677EPSS
Exploits6References3Affected Software1
Rows per page
Query Builder