27 matches found
CVE-2026-56315 picklescan - Remote Code Execution via Unblocked Standard Library Modules
picklescan before 1.0.4 fails to block at least seven Python standard library modules including uuid, osxsupport, aixsupport, pyrepl.pager, and imaplib exposing eight functions that provide direct arbitrary command execution. Attackers can craft malicious pickle files importing these unblocked...
CVE-2025-71323 picklescan - Remote Code Execution via Unblocked ctypes Module
picklescan before 0.0.33 fails to block the ctypes module, allowing attackers to achieve remote code execution by invoking direct syscalls and accessing raw memory. Attackers can craft malicious pickle files using ctypes.WinDLL to load kernel32.dll and execute arbitrary commands, bypassing sandbo...
CVE-2025-71323
CVE-2025-71323 affects picklescan prior to 0.0.33, where failure to block the ctypes module enables remote code execution via crafted pickle files that use ctypes.WinDLL to load kernel32.dll and execute arbitrary commands, bypassing sandbox protections and gadget-chain detection. Exploitation sta...
CVE-2026-41332
OpenClaw before 2026.3.28 contains an environment variable sanitization vulnerability where GITTEMPLATEDIR and AWSCONFIGFILE are not blocked in the host-env blocklist. Attackers can exploit approved exec requests to redirect git or AWS CLI behavior through attacker-controlled configuration files ...
CVE-2026-31868
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.4 and 8.6.30, an attacker can upload a file with a file extension or content type that is not blocked by the default configuration of the Parse Server...
CVE-2026-31868
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.4 and 8.6.30, an attacker can upload a file with a file extension or content type that is not blocked by the default configuration of the Parse Server...
CVE-2026-31868 Parse Server has Stored XSS via file upload of HTML-renderable file types
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.4 and 8.6.30, an attacker can upload a file with a file extension or content type that is not blocked by the default configuration of the Parse Server...
Parse Server vulnerable to stored XSS via file upload of HTML-renderable file types
Impact An attacker can upload a file with a file extension or content type that is not blocked by the default configuration of the Parse Server fileUpload.fileExtensions option. The file can contain malicious code, for example JavaScript in an SVG or XHTML file. When the file is accessed via its...
GHSA-G38G-8GR9-H9XP PickleScan has multiple stdlib modules with direct RCE not in blocklist
Summary picklescan v1.0.3 latest does not block at least 7 Python standard library modules that provide direct arbitrary command execution or code evaluation. A malicious pickle file importing these modules is reported as having 0 issues CLEAN scan. This enables remote code execution that bypasse...
CVE-2026-22608 Fickling vulnerable to use of ctypes and pydoc gadget chain to bypass detection
Fickling is a Python pickling decompiler and static analyzer. Prior to version 0.1.7, both ctypes and pydoc modules aren't explicitly blocked. Even other existing pickle scanning tools like picklescan do not block pydoc.locate. Chaining these two together can achieve RCE while the scanner still...
EUVD-2017-9511
Malware in sbrugna...
EUVD-2022-34170
Malicious code in bioql PyPI...
Jenkins plugin Dead Man s Snitch 安全漏洞
Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...
CVE-2022-29937
USU Oracle Optimization before 5.17.5 allows authenticated DataCollection users to achieve agent root access because some common OS commands are blocked but for example an OS command for base64 decoding is not blocked. NOTE: this is not an Oracle Corporation product...
CVE-2022-29852
OX App Suite through 8.2 allows XSS because BMFreehand10 and image/x-freehand are not blocked...
CVE-2022-0249
A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked...
PT-2022-13067 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 12.0 and later Description: A blind SSRF attack was possible due to unblocked requests to shared address space. Recommendations: For GitLab versions 12.0 and later, update to a version that includes a fix for this issue. At th...
PT-2021-20331 · Dolibarr · Dolibarr
Name of the Vulnerable Software and Affected Versions: Dolibarr version 13.0.2 Description: The website builder module in Dolibarr allows remote PHP code execution due to an incomplete protection mechanism. Specifically, while system, exec, and shell exec are blocked, backticks are not blocked,...
Python Utility Bot 安全漏洞
Python Utility Bot is a community bot developed specifically for the Discord community. A security vulnerability exists in Python Utility Bot that stems from a token filter not triggering when an un-blacklisted URL and a trigger filter token are included in the same message in the affected versio...
PT-2021-19425 · Mediawiki +1 · Abusefilter Extension +2
Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.35.2 AbuseFilter extension for MediaWiki versions through 1.35.2 Description: An issue in the AbuseFilter extension for MediaWiki improperly handled account blocks for certain automatically created MediaWiki user...