14 matches found
VulnCheck KEV: CVE-2022-28054
Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...
EUVD-2022-32540
Malicious code in bioql PyPI...
Malicious code in jenkins-trigger-actio (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
Malicious code in jenkins-trigger-action (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis fedbad1242e09329c414a95c493ce62c39c15cad4472ef5fc4a8b9b836834fb4 The OpenSSF Package Analysis project identified...
MAL-2025-6937 Malicious code in jenkins-trigger-action (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis fedbad1242e09329c414a95c493ce62c39c15cad4472ef5fc4a8b9b836834fb4 The OpenSSF Package Analysis project identified...
CVE-2022-28054
Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...
CVE-2022-28054
Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...
CVE-2022-28054
Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...
CVE-2022-28054
Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...
CVE-2022-28054
The CVE-2022-28054 entry affects VanDyke Software VShell for Windows 4.6.2. The root cause is improper sanitization/cleanup of trigger action scripts, which enables an attacker to execute arbitrary code by supplying a crafted value. Impact is high: remote code execution with network access and no...
CVE-2022-28054
Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...
PT-2022-18781 · Vandyke · Vshell For Windows
Name of the Vulnerable Software and Affected Versions: VanDyke Software VShell for Windows version 4.6.2 Description: The issue is related to improper sanitization of trigger action scripts, allowing attackers to execute arbitrary code via a crafted value. Recommendations: For VanDyke Software...
VanDyke Software VShell for Windows 安全漏洞
VanDyke Software VShell for Windows is used for multi-protocol secure file transfer by USA Vandyke Software. A security vulnerability exists in VanDyke Software VShell for Windows version 4.6.2, which originates from improper cleanup of trigger action scripts. An attacker could exploit the...
Adobe reader plugin PDF files universal crossite scripting
By using URIs like http://path/to/pdf/file.pdfwhatevernameyouwant=javascript:yourcodehere it's possible to execute code in context of any Web site where at least one PDF is stored. 2. By using "trigger action" in PDF document it's possible to execute code in context of the web page where...