12 matches found

Packet Storm News
added 2026/06/02 12:0 a.m., 10 views

Samba Print Configuration Checker

This Python script is a lightweight configuration analysis tool designed to inspect Samba smb.conf printing settings and identify potentially unsafe print command configurations associated with command injection risks. It's written to target versions 4.22.10, 4.23.8 and 4.24.3...

AI score: 5.8
Exploits: 0

Cvelist
added 2026/03/27 12:0 a.m., 21 views

CVE-2026-30304

In its design for automatic terminal command execution, AI Code offers two options: Execute safe commands and execute all commands. The description for the former states that commands determined by the model to be safe will be automatically executed, whereas if the model judges a command to be...

EPSS: 0.00435
Exploits: 0, References: 2

Vulnrichment
added 2025/10/30 9:37 p.m., 3 views

CVE-2018-25122 Nagios XI < 5.4.13 Component Download Page RCE

Nagios XI versions prior to 5.4.13 contain a remote code execution vulnerability in the Component Download page. The download/import handler used unsafe command construction with attacker-controlled input and lacked sufficient validation and output encoding, allowing an authenticated user to inje...

CVSS: 8.7, AI score: 8.2, EPSS: 0.01528
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2021-31477

Malicious code in bioql PyPI...

CVSS: 9, AI score: 8.8, EPSS: 0.02474
Exploits: 1, References: 4

OSV
added 2025/07/29 10:15 p.m., 4 views

AZL-66101 CVE-2025-4674 affecting package golang for versions less than 1.22.7-5

The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS e.g. Git, but contains metadata for another VCS e.g. Mercurial...

CVSS: 8.6, AI score: 7.3, EPSS: 0.00273
Exploits: 0, References: 1

OSV
added 2024/07/22 3:15 p.m., 16 views

CVE-2024-29073

A vulnerability in the handling of LaTeX exists in Ankitects Anki 24.04. When LaTeX is sanitized to prevent unsafe commands, the verbatim package, which comes installed by default in many LaTeX distributions, has been overlooked. A specially crafted flashcard can lead to an arbitrary file read. ...

CVSS: 6.5, AI score: 6.7
Exploits: 0, References: 2

CVE
added 2024/07/22 2:20 p.m., 75 views

CVE-2024-29073

Anki (Ankitects) 24.04 is affected by CVE-2024-29073 due to incomplete sanitization of LaTeX: the verbatim package is not properly handled, enabling a specially crafted flashcard to read arbitrary files. The issue is triggered by sharing a flashcard; no fix/version remediation is provided in the ...

CVSS: 6.5, AI score: 5.3, EPSS: 0.11512
Exploits: 1, References: 2, Affected Software: 1

GitLab Advisory Database
added 2024/07/22 12:0 a.m., 34 views

Anki Latex Incomplete Blocklist Vulnerability

A vulnerability in the handling of LaTeX exists in Ankitects Anki 24.04. When LaTeX is sanitized to prevent unsafe commands, the verbatim package, which comes installed by default in many LaTeX distributions, has been overlooked. A specially crafted flashcard can lead to an arbitrary file read. ...

CVSS: 6.5, AI score: 6.7, EPSS: 0.11512
Exploits: 1, References: 7, Affected Software: 1

Cvelist
added 2022/10/25 12:0 a.m., 34 views

CVE-2022-33185

Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer overflows, allowing arbitrary code execution as the root user accoun...

AI score: 8.4, EPSS: 0.00322
Exploits: 0, References: 2

OSV
added 2022/09/05 12:15 p.m., 4 views

CVE-2022-2830

Deserialization of Untrusted Data vulnerability in the message processing component of Bitdefender GravityZone Console allows an attacker to pass unsafe commands to the environment. This issue affects: Bitdefender GravityZone Console On-Premise versions prior to 6.29.2-1. Bitdefender GravityZone...

CVSS: 9.8, AI score: 5.8, EPSS: 0.00764
Exploits: 0, References: 1

OSV
added 2022/08/26 12:15 a.m., 15 views

CVE-2021-3020

An issue was discovered in ClusterLabs Hawk aka HA Web Konsole through 2.3.0-15. It ships the binary hawkinvoke built from tools/hawkinvoke.c, intended to be used as a setuid program. This allows the hacluster user to invoke certain commands as root with an attempt to limit this to safe...

CVSS: 8.8, AI score: 7.3
Exploits: 0, References: 3

OpenVAS
added 2009/09/03 12:0 a.m., 12 views

ikiwiki Teximg Plugin TeX Command Arbitrary File Disclosure Vulnerability

ikiwiki is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 5, AI score: 6, EPSS: 0.01799
Exploits: 1, References: 4